حسين غليم

By separating the control plane from the data plane, SDN has transformed contemporary telecommunications an‎d made hitherto unheard-of degrees of programmability an‎d automation possible. However, this centralized design introduces major security flaws, most notably turning the control plane into a major target for Distributed Denial of Service (DDoS) attacks. This study looks at the urgent requirement for a strong security system able to correctly detect an‎d counter sophisticated DDoS attacks including volumetric, protocol-based, an‎d application- layer assaults. The suggested study aims at creating an improved detection system using deep learning approaches, especially a hybrid CNN-LSTM architecture, to analyze network traffic patterns. Treating packet headers as spatial structures an‎d flow records as temporal sequences helps the model to detect not only high-rate floods but also subtle, low-rate DDoS attacks that frequently go unnoticed by conventional threshold-based methods. Training an‎d testing of the system are done with the InSDN dataset, which offers a fair depiction of current SDN traffic. Results show that the hybrid model performs well in important areas like accuracy, precision, an‎d F1-score, an‎d it also keeps the low latency needed for real-time network settings. Moreover, the research details a proactive mitigation approach combining with the SDN controller to dynamically change flow rules an‎d neutralize network edge threats. In the end, by bridging the gap between theoretical SDN advantages an‎d real- world security needs, this research advances the security of newly developed digital infrastructure like IoT an‎d cloud-based SDN.

اينترنت اشيا (IoT)

Internet of Things (IoT)

Hussein Ghelim

Dr. Javad Vahidi