Efficient Distributed Denial-of-Service Attack Defense in SDN-Based Cloud

Software-defined networking (SDN) is the key outcome of extensive research efforts over the past few decades toward transforming the Internet infrastructure to be more programmable, configurable, and manageable. However, critical cyber-threats in the SDN-based cloud environment are rising rapidly, in which distributed denial-of-service (DDoS) attack is one of the most damaging cyber attacks. In this paper, we propose an efficient solution to tackle DDoS attacks in the SDN-based cloud environment. We first introduce a new hybrid machine learning model based on support vector machine and self-organizing map algorithms to improve the traffic classification. Then, we propose an enhanced history-based IP filtering scheme (eHIPF) to improve the attack detection rate and speed. Finally, we introduce a novel mechanism that combines both the hybrid machine learning model and the eHIPF scheme to make a DDoS attack defender for the SDN-based cloud environment. The testbed is implemented in an SDN-based cloud with service function chaining. Through practical experiments, the proposed DDoS attack defender is proven to outperform existing mechanisms for DDoS attack classification and detection. The comprehensive experiments conducted with various DDoS attack levels prove that the proposed mechanism is an effective, innovative approach to defend DDoS attacks in the SDN-based cloud.