Detection of Distributed Denial of Service Attacks through a Combination of Machine Learning Algorithms over Software Defined Network Environment

Software Defined-Network (SDN) is still lately attracting much new research of interest. SDN networks introduce a new design that works on split the control plane from the data plane in order to allow a broader filed to program the network smoothly and efficiently to gain much simplicity, compared to the traditional networks. Any change in traditional networks required a re-configuration on a set of resources for the network. Whereas in new SDN network needs one person with knowledge on the control layer (controller) to manage all network resources and update rules with less time. One of the most critical attacks that increased lately is the Distributed Denial of Service (DDoS), which works to make the service unavailable for an unknown period. In this paper, we will suggest a method to detect a DDoS attack that targeting one or multiple victims concurrently by combining two algorithms of Machine Learning (ML), which is entropy and Principal Component Analysis (PCA). Also, we examined the efficiency of our schema through a Mininet emulator and a pox controller and using open vSwitch as a switch. We have obtained high detection accuracy to detect DDoS attacks.