Abstract: Software Defined Network (SDN) allows the separation of a control layer and data forwarding at two different layers. However, centralized control systems in SDN is vulnerable to attacks namely Distributed Denial of Service (DDoS). Therefore, it is necessary for developing a solution based on reactive applications that can identify, detect, as well as mitigate the attacks comprehensively. In this paper, an application has been built based on machine learning methods including, Support Vector Machine (SVM) using Linear and Radial Basis Function kernel, K-Nearest Neighbor (KNN), Decision Tree (DTC), Random Forest (RFC), Multi-Layer Perceptron (MLP), and Gaussian Naïve Bayes (GNB). The paper also proposed a new scheme of DDOS dataset in SDN by gathering considerably static data form using the port statistic. SVM became the most efficient method for identifying DDoS attack successfully proved by the accuracy, precision, and recall approximately 100 % which could be considered as the primary algorithm for detecting DDoS. In term of the promptness, KNN had the slowest rate for the whole process, while the fastest was depicted by GNB.

Keyword: Support vector machine, software defined network, machine learning, distributed Dos, detection.

Received May 6, 2020; accepted September 9, 2020