Comprehensive Analysis of DDoS Anomaly Detection in Software-Defined Networks
Software-Defined Networking (SDN) offers significant advantages for modern networks, including flexibility, centralized control, and reduced dependency on vendor-specific hardware. However, these benefits introduce security vulnerabilities, particularly from Distributed Denial-of-Service (DDoS) att...
Saved in:
| Main Authors: | , , , , , , , |
|---|---|
| Format: | Article |
| Language: | en |
| Published: |
Iee
2025
|
| Subjects: | |
| Online Access: | http://eprints.uthm.edu.my/12723/1/J19660_e85abfedbbd328ff506766f322ebab3a.pdf http://eprints.uthm.edu.my/12723/ https://doi.org/10.1002/ceat.202400048 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1836859129266700288 |
|---|---|
| author | Hirsi, Abdinasir A. Alhartomi, Mohammed Audah, Lukman Salh, Adeb Mad Sahar, Nan Ahmed, Salman Ansa, Godwin Okon Farah, Abdullahi |
| author_facet | Hirsi, Abdinasir A. Alhartomi, Mohammed Audah, Lukman Salh, Adeb Mad Sahar, Nan Ahmed, Salman Ansa, Godwin Okon Farah, Abdullahi |
| author_sort | Hirsi, Abdinasir |
| building | UTHM Library |
| collection | Institutional Repository |
| content_provider | Universiti Tun Hussein Onn Malaysia |
| content_source | UTHM Institutional Repository |
| continent | Asia |
| country | Malaysia |
| description | Software-Defined Networking (SDN) offers significant advantages for modern networks, including flexibility, centralized control, and reduced dependency on vendor-specific hardware. However, these benefits introduce security vulnerabilities, particularly from Distributed Denial-of-Service (DDoS)
attacks, which represent some of the most disruptive threats to SDN environments. A review of the literature shows that while various techniques have been proposed to counteract DDoS threats, many studies have
focused on single detection methods, with only a few utilizing multiple approaches. This fragmented focus limits a comprehensive approach to addressing DDoS threats across the SDN layers. To bridge this gap,
this paper presents the first comprehensive review of DDoS anomaly detection in SDN, examining over 165 primary research articles published between 2020 and 2024. A novel taxonomy of DDoS attacks is introduced, categorizing them by distinct characteristics, and mapping each attack type to relevant detection
methods within specific SDN layers. The survey provides a layer-by-layer analysis of DDoS detection techniques, covering the application, control, and infrastructure layers, and offers a structured overview that clarifies the applicability and effectiveness of each method. The paper concludes by synthesizing key findings, identifying unresolved challenges, and outlining future research directions to advance DDoS detection mechanisms in SDN. This roadmap is designed to guide researchers in addressing security vulnerabilities and enhancing SDN resilience against evolving DDoS threats. |
| format | Article |
| id | my.uthm.eprints-12723 |
| institution | Universiti Tun Hussein Onn Malaysia |
| language | en |
| publishDate | 2025 |
| publisher | Iee |
| record_format | eprints |
| spelling | my.uthm.eprints-127232025-06-26T00:06:02Z http://eprints.uthm.edu.my/12723/ Comprehensive Analysis of DDoS Anomaly Detection in Software-Defined Networks Hirsi, Abdinasir A. Alhartomi, Mohammed Audah, Lukman Salh, Adeb Mad Sahar, Nan Ahmed, Salman Ansa, Godwin Okon Farah, Abdullahi TK Electrical engineering. Electronics Nuclear engineering Software-Defined Networking (SDN) offers significant advantages for modern networks, including flexibility, centralized control, and reduced dependency on vendor-specific hardware. However, these benefits introduce security vulnerabilities, particularly from Distributed Denial-of-Service (DDoS) attacks, which represent some of the most disruptive threats to SDN environments. A review of the literature shows that while various techniques have been proposed to counteract DDoS threats, many studies have focused on single detection methods, with only a few utilizing multiple approaches. This fragmented focus limits a comprehensive approach to addressing DDoS threats across the SDN layers. To bridge this gap, this paper presents the first comprehensive review of DDoS anomaly detection in SDN, examining over 165 primary research articles published between 2020 and 2024. A novel taxonomy of DDoS attacks is introduced, categorizing them by distinct characteristics, and mapping each attack type to relevant detection methods within specific SDN layers. The survey provides a layer-by-layer analysis of DDoS detection techniques, covering the application, control, and infrastructure layers, and offers a structured overview that clarifies the applicability and effectiveness of each method. The paper concludes by synthesizing key findings, identifying unresolved challenges, and outlining future research directions to advance DDoS detection mechanisms in SDN. This roadmap is designed to guide researchers in addressing security vulnerabilities and enhancing SDN resilience against evolving DDoS threats. Iee 2025 Article PeerReviewed text en http://eprints.uthm.edu.my/12723/1/J19660_e85abfedbbd328ff506766f322ebab3a.pdf Hirsi, Abdinasir and A. Alhartomi, Mohammed and Audah, Lukman and Salh, Adeb and Mad Sahar, Nan and Ahmed, Salman and Ansa, Godwin Okon and Farah, Abdullahi (2025) Comprehensive Analysis of DDoS Anomaly Detection in Software-Defined Networks. Digital Object Identifier, 13. pp. 23013-23071. https://doi.org/10.1002/ceat.202400048 |
| spellingShingle | TK Electrical engineering. Electronics Nuclear engineering Hirsi, Abdinasir A. Alhartomi, Mohammed Audah, Lukman Salh, Adeb Mad Sahar, Nan Ahmed, Salman Ansa, Godwin Okon Farah, Abdullahi Comprehensive Analysis of DDoS Anomaly Detection in Software-Defined Networks |
| title | Comprehensive Analysis of DDoS Anomaly Detection in Software-Defined Networks |
| title_full | Comprehensive Analysis of DDoS Anomaly Detection in Software-Defined Networks |
| title_fullStr | Comprehensive Analysis of DDoS Anomaly Detection in Software-Defined Networks |
| title_full_unstemmed | Comprehensive Analysis of DDoS Anomaly Detection in Software-Defined Networks |
| title_short | Comprehensive Analysis of DDoS Anomaly Detection in Software-Defined Networks |
| title_sort | comprehensive analysis of ddos anomaly detection in software-defined networks |
| topic | TK Electrical engineering. Electronics Nuclear engineering |
| url | http://eprints.uthm.edu.my/12723/1/J19660_e85abfedbbd328ff506766f322ebab3a.pdf http://eprints.uthm.edu.my/12723/ https://doi.org/10.1002/ceat.202400048 |
| url_provider | http://eprints.uthm.edu.my/ |