Systematic Review of Machine Learning-Based DDoS Detection in SDN Networks: A PRISMA Approach
Keywords:
DDoS Attack Detection, Software Defined Networking, Machine LearningAbstract
This systematic literature review aims to detect the detection of Distributed Denial of Service
(DDoS) attacks in Software-Defined Networking (SDN) environments using machine learning techniques. The
PRISMA approach was used to ensure a comprehensive and transparent review process. The underlying
architecture of SDN is highly vulnerable to DDoS attacks and thus requires efficient detection mechanisms.
This review covers the application of various machine learning algorithms, such as Random Forest, Support
Vector Machine (SVM), and Neural Networks, and their effectiveness in identifying anomalous traffic. Data
from Scopus-indexed journals between 2016 and 2024 is used to provide a comprehensive picture of recent
advances in this field. The research found that machine learning algorithms were able to increase the level of
accuracy in DDoS detection, but also identified significant challenges such as the limitations of high-quality
datasets that reflect real network traffic and the need for real-time detection at large network scales. In addition,
the computational complexity of deep learning models and resource efficiency in practical applications are also
challenges that need to be resolved. The results of these observations lead to recommendations for developing
more efficient algorithms, optimizing the use of computing resources, and improving dataset quality to support
more accurate and faster DDoS detection in SDN environments.
