|
| Authors | Title | Method used | Controller architecture | Data set used | Gaps |
|
| Kavitha et al. [11] | “The Detection and Mitigation of Distributed Denial-of-Service (DDoS) Attacks in Software Defined Networks Using Distributed Controllers” | Entropy-based | POX multicontroller (3 controllers) | Scapy and Wireshark are used to generate traffic | (i) Low attack detection classification accuracy rate
(ii) Its correctness depends on the threshold selection
(iii) And it has some one-sidedness |
|
| Wang et al. [3] | “A DDoS Attack Detection Method Based on Information Entropy and Deep Learning in SDN” | Information entropy and CNN | POX single controller | CICIDS2017 | (i) Single point of controller failure
(ii) Lack of reliability and scalability
(iii) High controller performance overhead |
|
| Gadze et al. [32] | “An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDoS Attack on SDN Controllers” | RNN_LSTM | Floodlight in a single controller | Malicious traffic was generated using hping3 | (i) Not effective in a large-scale network
(ii) A single point of failure causes a full network failure |
|
| Alghazzawi et al. [39] | “Efficient Detection of DDoS Attacks Using a Hybrid Deep Learning Model with Improved Feature Selection” | CNN-BI-LSTM | Single controller | CICDDoS2019 | (i) Lack of detailed attack type description
(ii) Binary classification |
|
| Elsayed et al. [31] | “DDoSNet: A Deep-Learning Model for Detecting Network Attacks” | RNN with autoencoder | Single controller | CICDDoS2019 | (i) Lack of detailed attack type description
(ii) High controller performance overhead |
|
| Pandikumar et al. [22] | “Early Detection of DDoS Attacks in a Multi-Controller Based SDN” | Based on the entropy variation of the destination IP address | POX multicontroller | Packet generation is done via Scapy | (i) Low accuracy rate
(ii) Its correctness depends on the threshold selection
(iii) And it has some one-sidedness |
|
