Formulating and analysis of traffic flow to secure software-defined network (SDN) using recursive network (RN) learning method

This work proposes a new solution for monitoring traffic flow (TFM) in the context of software-defined network (SDN) systems, particularly focusing on the detection of cyberattacks like DDoS. The solution is based on a Recursive Network (RN) design which enables higher accuracy in an ensemble of anomaly detection, which ensures complete SDN data plane protection even during the conditions of attack. The goal of this solution is to retain the highest possible network forwarding efficiency and avoid network congestion during cyberthreats. This approach mitigates overwhelming DDoS attack attempts characteristic to SDNs because of their centralized and ever-changing design. More conventional ways of detection tend to be blind to such attacks-this is why their detection becomes detection innovative. Gradually checking the traffic flow through the RN structure allows for more precise targeting of abnormal patterns often associated with misconduct behaviors. A key construct for this methodology is the implementation of a learned policy to control dynamic transit flow. The policy is aimed at optimizing the collection of flow data at points of data acquisition in order to provide prompt assessment of superfluous conditions, and therefore a prompt assessment to possible threats. The derived flow matching parameters respond dynamically to formed traffic patterns, and as a result the system gains additional abilities to avert cyberattacks. Comparative evaluations demonstrate the efficiency of the proposed model, with performance improvements ranging from 15.29 to 48.13% over existing methods, such as FMS, MMOS, DATA, QDATA, and DEEP-MC. This showcases the proposed method's superiority in enhancing cyberattack detection within SDN environments. By preventing network degradation during DDoS attacks and other anomalies, this solution ensures the integrity and availability of the SDN's data plane, contributing to the protection of critical network infrastructure.