A Novel Approach for distributed denial of service defense using continuous wavelet transform and convolutional neural network for software-Defined network

Software-Defined Networks (SDNs) have emerged particularly for medium and large scale networks since they introduce agility and flexibility with the help of centralized network management by abstracting control plane from data forwarding plane. Although this cen-tralized architecture provides various advantages in terms of effortlessly managing and op-timizing network resources, this makes SDN vulnerable to conventional distributed denial of service (DDoS) attacks by making the network inoperable due to the overloaded network traffic. To address the vulnerability, in this work, we propose a detection and countermea-sure scheme based on continuous wavelet transform (CWT) and convolutional neural net-work (CNN). The scheme uses features obtained from CWT as the input for the CNN clas-sifier to differentiate attack samples from the normal ones. Our experimental results show that the proposed scheme achieves high detection rate against DNS amplification, NTP and TCP-SYN flood attacks with a remarkably low false alarm rate. (c) 2021 Elsevier Ltd. All rights reserved.