• Danijel Čabarkapa Academy of Professional Studies Šabac, Department of Medical and Business-Technological Studies
  • Brankica Popović
  • Petar Čisar
  • Kristijan Kuk


software-defined networking, virtualization, distributed denial of service attack, entropy, machine learning, detection schemes


Software-Defined Networks (SDN) is an important technology that enables a new approach to how we develop and manage networks. SDN divides the data plane and control plane and supports the logical centralization of network control. However, the centralized architecture of SDN is also a potential vulnerability for various types of malicious attacks. The paper elaborates on the security aspects of virtualization as a basic concept of SDN architecture. Among the many types of attack, one of the most frequent and destructive are Distributed Denial of Service (DDoS) attacks. This paper presents an analysis of techniques to detect DDoS attacks in SDN networks. It first describes the SDN architecture and then elaborates on different detection techniques for DDoS attacks. Additionally, this paper emphasizes the types, components, and categories of detection solutions according to the techniques or methods used. The important approaches and those that can answer the complexity of detecting DDoS attacks in SDN are the detection schemes based on entropy and machine learning principles. This paper in general focuses on these two detection techniques and summarizes their benefits and drawbacks and finally provides a guideline for future research directions related to DDoS detection techniques in SDN networks.


1. Ahuja, N., Singal, G. et al., (2021) Automated DDOS Attack Detection in Software Defined Networking, In Journal of Network and Computer Applications, Vol. 187, 2021, 103-108,
2. Basicevic, I., Blazic, N., Ocovaj, S. (2021) On the Use of Principal Component Analysis in the Entropy Based Detection of Denial‐of‐Service Attacks, Security and Privacy, Wiley, Vol. 4, Issue 1, doi: 10.1002/spy2.
3. Berde, P., Gerola, M., Hart, J. et al., (2014) ONOS: Towards an Open, Distributed SDN OS, In HotSDN: Proceedings of the Third Workshop on Hot Topics in Software Defined Networking, ACM 2014, pp. 1–6.
4. Bonguet, A., Bellaiche, M. (2017) A Survey of Denial-of-Service and Distributed Denial of Service Attacks and Defenses in Cloud Computing, In Future Internet, 9(3):43.
5. Cabarkapa, D., Rancic, D. (2021) Performance Analysis of Ryu-POX Controller in Different Tree-Based SDN Topologies, Advances in Electrical and Computer Engineering, vol. 21, no. 3, 31-38, doi:10.4316/AECE.2021.03004
6. Cabarkapa, D., Rancic, D., Pavlovic, P., Milicevic, M. (2022) Investigating the Impact of Tree-Based Network Topology on the SDN Controller Performance, Facta Universitatis, Series: Automatic Control and Robotics, Vol. 21, No 1, 25-35, doi: 10.22190/FUACR211223003C
7. Cisar, P., Erlenvajn, D., Maravic-Cisar, S. (2018) Implementation of Software-Defined Networks Using Open-Source Environment, In Technical gazette, Vol. 25, Suppl. 1, pp. 222-230,
8. Cisar, P., Maravic Cisar, S., Popovic, B., Kuk, K., Vukovic I. (2022) Application of Artificial Immune Networks in Continuous Function Optimization, Acta Polytechnica Hungarica, 2022, accepted for publication
9. Ding, D., Savi, M., Pederzolli F., Campanella, M., Siracusa, D. (2021) In-Network Volumetric DDoS Victim Identification Using Programmable Commodity Switches, In IEEE Transactions on Network and Service Management, vol. 18, no. 2, 1191-1202, doi: 10.1109/TNSM.2021.3073597.
10. Dong, Li, Chang Yu et al. (2018) Using SVM to Detect DDoS Attack in SDN, In IOP Conf. Series: Materials Science and Engineering 466 (2018) doi:10.1088/1757-899X/466/1/012003
11. Dong, S., Abbas, K., Jain, R. (2019) A Survey on Distributed Denial of Service (DDoS) Attacks in SDN and Cloud Computing Environments, In: IEEE Access, vol. 7, pp. 80813-80828, doi: 10.1109/ACCESS.2019.2922196.
12. Dudeja, R. K., Bali, R. S., Aujla, G. S. (2022) Internet of Everything: Background and Challenges, In: Software Defined Internet of Everything, 3-15, Springer, doi: 10.1007/978-3-030-89328-6_1
13. Gupta, B. B., Joshi, R. C., Misra, M. (2009) Defending against Distributed Denial of Service Attacks: Issues and Challenges, Information Security Journal: A Global Perspective, 18:5, 224-247, doi: 10.1080/19393550903317070
14. Ibrahim, J., Gajin, S. (2022) Entropy-based Network Traffic Anomaly Classification Method Resilient to Deception, Computer Science and Information Systems, Vol. 19, Issue 1, 87-116, doi:10.2298/CSIS201229045I
15. Ismail et al., (2022) A Machine Learning-Based Classification and Prediction Technique for DDoS Attacks, In IEEE Access, vol. 10, pp. 21443-21454, doi: 10.1109/ACCESS.2022.3152577.
16. Jimenez, M. B., Fernandez, D., Rivadeneira, J. E. et al., (2021) A Survey of the Main Security Issues and Solutions for the SDN Architecture, In IEEE Access, vol. 9, pp. 122016-122038, doi: 10.1109/ACCESS.2021.3109564.
17. Kuk, K., Milentijevic, I., Randjelovic, D., Popovic B., Cisar P. (2017) The Design of the Personal Enemy - MIMLeBot as an Intelligent Agent in a Game-Based Learning Environment, Acta Polytechnica Hungarica, 14(4): 121-139, 2017, ISSN 1785-8860
18. Open Networking Foundation: OpenFlow Switch Specification, Version 1.5.1, (2015),
19. POX Github Documentation, (Last accessed on June 2022)
20. Sahoo, K. S. et al., (2020) An Evolutionary SVM Model for DDOS Attack Detection in Software Defined Networks, In IEEE Access, vol. 8, pp. 132502-132513, 2020, doi: 10.1109/ACCESS.2020.3009733.
21. Shalimov, A., Zuikov, D., Zimarina, D. et al., (2013) Advanced study of SDN/OpenFlow controllers, CEE-SECR '13: Proceedings of the 9th Central & Eastern European Software Engineering Conference, no. 1, 1-6,
22. Sherwood, R. et al., (2009) FlowVisor: A Network Virtualization Layer, Deutsche Telekom Inc., R&DLab, Stanford University, Nicira Networks, Tech. Rep. OPENFLOW-TR-2009-1.
23. Sudar, K., M., Deepalakshmi P. (2020) Comparative Study on IDS Using Machine Learning Approaches for Software Defined Networks, International Journal of Intelligent Enterprise, Vol. 7, no.1-3, pp. 15-27, doi: 10.1504/IJIE.2020.104642
24. Villota, W., Gironza, M., Ordoñez, A., Caicedo, R. O. M. (2018) On the Feasibility of Using Hierarchical Task Networks and Network Functions Virtualization for Managing Software-Defined Networks, In IEEE Access, vol. 6, 38026-38040, doi: 10.1109/ACCESS.2018.2852649.
25. Vukovic, I., Popovic, B., Cisar, P. (2020) Application of Artificial Intelligence in Detection of DDoS attacks, Thematic conference proceedings of international significance, International scientific conference 'Archibald Reiss Days', Belgrade, University of Criminal Investigation and Police Studies, Belgrade, 10(2): 557-566.
26. Yu, S., Zhang, J., Liu, J. et al. (2021) A Cooperative DDoS Attack Detection Scheme Based on Entropy and Ensemble Learning in SDN, EURASIP Journal on Wireless Communications and Networking, 90, 2021,
27. Zargar, S. T., Joshi, J., Tipper, D. (2013) A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks, In IEEE Communications Surveys & Tutorials, vol. 15, no. 4, 2046-2069, doi: 10.1109/SURV.2013.031413.00127.
28. Zhou, L., Zhu, Y., Xiang, Y. (2022). A novel feature-based framework enabling multi-type DDoS attacks detection, In Special Issue on Decision Making in Heterogeneous Network Data Scenarios and Applications, Springer,
29. Zhou, W., Li, L., Luo M., Chou, W. (2014) REST API Design Patterns for SDN Northbound API, 28th International Conference on Advanced Information Networking and Applications Workshops, 358-365, doi: 10.1109/WAINA.2014.153.






Natural and Applied Sciences in Forensics, Cybercrime and Security