A systematic literature review on the accuracy of machine learning based DDoS detection techniques in Software Defined Networking
摘要
Software Defined Networking (SDN) enhances programmability and scalability but is significantly susceptible to Distributed Denial of Service (DDoS) attacks. This research methodically assesses machine learning (ML) detection strategies for DDoS attacks in SDN, emphasizing detection efficacy, datasets, and evaluation metrics. Employing the PRISMA framework, 36 main papers published from 2018 to 2023 were discovered and examined. The results indicate that Random Forest (RF), Support Vector Machine (SVM), Decision Trees (DT), and hybrid deep learning methodologies regularly attain high accuracy, often exceeding 99%, in identifying DDoS traffic. Nevertheless, the majority of research provide findings only based on accuracy, with little consideration of variability, statistical significance, and real-world applicability. A bibliometric analysis of worldwide contributions is presented to offer research context, emphasizing India, China, and Saudi Arabia as prominent contributors. This research underscores the need for multi-factor assessment (precision, recall, F1-score), rigorous validation across varied datasets, and real-time scalability assessment. The research emphasizes the significance of feature selection and extraction in enhancing performance, the prevalence of control-plane implementations, and the dependence on comparison datasets like CICDDoS2019. Challenges persist due to limitations like dataset imbalance, insufficient real-world testing, and inadequate reporting of variability measurements. Future initiatives include the development of lightweight and adaptable models, the exploration of transfer and adversarial learning, and the validation of methodologies in extensive SDN-IoT networks. These results elucidate the strengths and weaknesses of existing ML-based detection methods in SDN and delineate prospective avenues for future study.