<p>The convergence of Internet of Things (IoT), cloud computing, and Software-Defined Networking (SDN) has increased the attack surface for large-scale Distributed Denial-of-Service (DDoS) attacks. While machine-learning and deep-learning methods achieve strong results within single domains, they frequently fail to generalize across heterogeneous network environments. We propose a unified cross-domain DDoS detection framework that harmonizes traffic from IoT, cloud, and SDN domains into a shared, semantically consistent feature space, enabling fair comparison and transferability assessment. Five supervised classifiers Random Forest, XGBoost, LightGBM, CatBoost, and a Multi-Layer Perceptron–are evaluated under source<InlineEquation ID="IEq1"><EquationSource Format="TEX">\(\rightarrow \)</EquationSource></InlineEquation>target transfer scenarios using standardized metrics and statistical testing. Experiments on representative IoT, cloud, and SDN benchmark datasets show consistently high detection performance (accuracy <InlineEquation ID="IEq2"><EquationSource Format="TEX">\(\ge \)</EquationSource></InlineEquation> 0.987) and area under the ROC curve (AUC <InlineEquation ID="IEq3"><EquationSource Format="TEX">\(\ge \)</EquationSource></InlineEquation> 0.998) after harmonization, with only minor precision degradation across merged datasets. Feature-importance and interpretability analyses identify flow duration, packet-length statistics, and inter-arrival variance as invariant indicators of volumetric DDoS activity. The results demonstrate the framework’s robustness, scalability, and practical suitability for deployment in next-generation heterogeneous network infrastructures.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A unified cross-domain framework for DDoS detection across IoT, cloud, and SDN networks

  • Muhammad Ali Azam Khattak

摘要

The convergence of Internet of Things (IoT), cloud computing, and Software-Defined Networking (SDN) has increased the attack surface for large-scale Distributed Denial-of-Service (DDoS) attacks. While machine-learning and deep-learning methods achieve strong results within single domains, they frequently fail to generalize across heterogeneous network environments. We propose a unified cross-domain DDoS detection framework that harmonizes traffic from IoT, cloud, and SDN domains into a shared, semantically consistent feature space, enabling fair comparison and transferability assessment. Five supervised classifiers Random Forest, XGBoost, LightGBM, CatBoost, and a Multi-Layer Perceptron–are evaluated under source\(\rightarrow \)target transfer scenarios using standardized metrics and statistical testing. Experiments on representative IoT, cloud, and SDN benchmark datasets show consistently high detection performance (accuracy \(\ge \) 0.987) and area under the ROC curve (AUC \(\ge \) 0.998) after harmonization, with only minor precision degradation across merged datasets. Feature-importance and interpretability analyses identify flow duration, packet-length statistics, and inter-arrival variance as invariant indicators of volumetric DDoS activity. The results demonstrate the framework’s robustness, scalability, and practical suitability for deployment in next-generation heterogeneous network infrastructures.