A Novel Approach to DDoS Detection in Multi-Controller SDNs: Adaptive Learning Models and Real-Time Feedback for Enhanced IoT Security.

This study introduces an innovative approach for detecting Distributed Denial-of-Service (DDoS) attacks in Software-Defined Networks (SDNs) with a multi-controller setup, specifically tailored to secure Internet of Things (IoT) devices. Traditional DDoS detection techniques struggle with the dynamic and sophisticated nature of modern network threats, particularly in complex and scalable environments like SDNs. To address these challenges, our objective is to develop a methodology that integrates adaptive learning and feedback mechanisms to continuously evolve and improve detection accuracy. Our approach utilizes adaptive learning models that dynamically adjust to new data and emerging attack patterns, learning continuously from network behaviour to detect subtle and novel attack strategies effectively. By implementing a system of feedback loops, our detection algorithms receive real-time insights from the operational environment, allowing immediate adaptation to changing network conditions and attack techniques. Advanced feature selection methods are employed to identify the most relevant data points from network traffic. Through ROC curve analysis of various machine learning models--RNN, LSTM, GAN, and Auto Encoder--using Chi-Square, Decision Tree, and PCA feature selection methods, PCA consistently demonstrated superior performance. It achieved higher true positive rates across various false positive rates, indicating better classification accuracy. The Auto Encoder model, combined with PCA, exhibited the best results, highlighting its efficacy in balancing sensitivity and specificity for anomaly detection. Experimental evaluations conducted using the CICDDoS2019 dataset highlight the effectiveness of our approach. The proposed Auto Encoder model with PCA feature selection achieved the highest accuracy at 99.56%, surpassing other models such as LSTM with feature selection, which achieved 99.42%, and RNN LSTM, which had the lowest accuracy at 89.63%. These results demonstrate the effectiveness of our approach in enhancing the accuracy and reliability of network traffic anomaly detection, particularly for DDoS attacks involving IoT devices. Overall, our research combines adaptive learning and feedback loops to create a dynamic, intelligent DDoS detection system for SDNs, advancing network security in handling evolving threats. [ABSTRACT FROM AUTHOR]