Research Article

SVM driven approach for detecting DoS attacks in SDN environment

¹ Faculty of Computer Science and Information Technology, Universiti Malaysia Sarawak, Malaysia
² Department of Computer Science, COMSATS University Islamabad, Pakistan

^* e-mail: najam_nisa@comsats.edu.pk

Received: 22 September 2025
Accepted: 10 October 2025

Abstract

Software-Defined Networking (SDN) reveals a significant progression in networking technology, offering improved management and operational oversight of network infrastructures. Even though the control plane offers benefits, it is still susceptible to Denial of Service (DoS) attacks, and this poses a significant threat to system security. By taking advantage of the network's centralized architecture, these attacks pose serious dangers and can overload controllers, leading to severe packet loss and significant downtime in the network. To address this challenge, we propose a novel approach that efficiently detects DoS attacks by implementing a packet inspection process using a queuing mechanism, followed by machine learning classification using SVM and KNN algorithms. These algorithms were rigorously evaluated using the CICDoS 2017 dataset and integrated into an SDN threat-detection framework. The results of extensive testing in SDN environment demonstrated higher efficiency measures, such as enhanced network performance by reducing latency and resource consumption, maintaining a false-positive rate under 5%, and achieving a detection accuracy of 99%. These results demonstrate how well our proposed approach works to successfully detect DoS attacks in SDN systems. Moreover, the novel approach, the thorough end-to-end solution exhibited, and the importance of the experimental outcomes all work together to establish a solid basis for future studies in this area.