Threshold-Based Software-Defined Networking (SDN) Solution for Healthcare Systems against Intrusion Attacks

The healthcare sector holds valuable and sensitive data. The amount of this data and the need to handle, exchange, and protect it, has been increasing at a fast pace. Due to their nature, software-defined networks (SDNs) are widely used in healthcare systems, as they ensure effective resource utilization, safety, great network management, and monitoring. In this sector, due to the value of the data, SDNs face a major challenge posed by a wide range of attacks, such as distributed denial of service (DDoS) and probe attacks. These attacks reduce network performance, causing the degradation of different key performance indicators (KPIs) or, in the worst cases, a network failure which can threaten human lives. This can be significant, especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health, or m-health. In this study, we examine the effectiveness of using SDNs for defense against DDoS, as well as their effects on different network KPIs under various scenarios. We propose a threshold-based DDoS classifier (TBDC) technique to classify DDoS attacks in healthcare SDNs, aiming to block traffic considered a hazard in the form of a DDoS attack. We then evaluate the accuracy and performance of the proposed TBDC approach. Our technique shows outstanding performance, increasing the mean throughput by 190.3%, reducing the mean delay by 95%, and reducing packet loss by 99.7% relative to normal, with DDoS attack traffic.