Evaluation of Machine Learning Techniques for Security in SDN

Software Defined Networking (SDN) has emerged as the most viable programmable network architecture to solve many challenges in legacy networks. SDN separates the network control plane from the data forwarding plane and logically centralizes the network control plane. The logically centralized control improves network management through global visibility of the network state. However, centralized control opens doors to security challenges. The SDN control platforms became the most attractive venues for Denial of Service (DoS) and Distributed DoS (DDoS) attacks. Due to the success and inevitable benefits of Machine Learning (ML) in fingerprinting security vulnerabilities, this article proposes and evaluates ML techniques to counter DoS and DDoS attacks in SDN. The ML techniques are evaluated in a practical setup where the SDN controller is exposed to DDoS attacks to draw important conclusions for ML-based security of future communication networks.