Hybrid CNN GRU Framework for Early Detection and Adaptive Mitigation of DDoS Attacks in SDN using Image Based Traffic Analysis

Authors

  • Danang Danang Universitas Sains Dan Teknologi Komputer
  • Indra Ava Dianta Universitas Sains Dan Teknologi Komputer
  • Agustinus Budi Santoso Universitas Sains Dan Teknologi Komputer
  • Siti Kholifah Universitas Sains dan Teknologi Komputer

DOI:

https://doi.org/10.62951/ijies.v2i2.292

Keywords:

CNN–GRU Hybrid Model, Deep Learning, DDoS Detection, Image-Based Traffic Analysis, Software-Defined Networking (SDN)

Abstract

The threat of Distributed Denial of Service (DDoS) is increasing develop along with increasing use of the Internet of Things (IoT) and Software-Defined Networking (SDN) architecture . Although SDN provides convenience in management network , properties its centralized control make it prone to to flooding attacks that can paralyze controller performance . Detection method conventional , such as approach statistics and machine learning, still own limitations in matter accuracy , high false positive rate , and dependence on extracted features manually . To overcome problem said , research This propose a hybrid deep learning based DDoS detection and mitigation model that combines Convolutional Neural Network (CNN) to extraction feature spatial from RGB and Gated Recurrent Unit (GRU) images for understand temporal correlation between traffic data network . System tested through network test-bed Mininet based with Ryu/Floodlight controller, using simulation DDoS attacks (Hping3, LOIC) and normal traffic (video streaming, HTTP server). Traffic data cross recorded in PCAP format, processed become RGB image measuring 200×200 pixels, and labeled based on type traffic . Evaluation results with metric accuracy , precision, recall, F1-score, and MCC show that the CNN–GRU model has performance more superior compared to baseline approaches such as CNN-only, GRU-only, as well as classical ML methods such as SVM and Random Forest. In addition , the system capable apply mitigation adaptive through automatic flow rule creation on edge switches. Findings This confirm that effective deep learning- based spatial -temporal hybrid approach in increase detection early and response DDoS attacks on SDN networks adaptive and real-time.

 

References

Agarwal, A., Khari, M., & Singh, R. (2022). Detection of DDoS attack using deep learning model in cloud storage applications. Wireless Personal Communications, 1–21. https://doi.org/10.1007/s11277-022-09646-9

Alam, M., Shahid, M., & Mustajab, S. (2024). Security challenges for workflow allocation model in cloud computing environment: A comprehensive survey. The Journal of Supercomputing, 1–65. https://doi.org/10.1007/s11227-024-05642-2

Alghazzawi, D., et al. (2021). Efficient detection of DDoS attacks using a hybrid deep learning model with improved feature selection. Applied Sciences, 11(24), 11634. https://doi.org/10.3390/app112411634

Amjad, A., et al. (2019). Detection and mitigation of DDoS attack in the cloud computing using machine learning EAI Endorsed algorithm. Transactions on Scalable Information Systems, 6(23), e7. https://doi.org/10.4108/eai.13-7-2018.162806

Balasubramaniam, S., et al. (2023). Optimization enabled deep learning-based DDoS attack detection in the cloud computing. International Journal of Intelligent Systems. https://doi.org/10.1155/2023/9673284

Chen, X., et al. (2022). Adaptive federated learning for edge computing. IEEE Transactions on Mobile Computing. https://doi.org/10.1109/TMC.2022.3170423

Cil, A. E., et al. (2021). Detection of DDoS attacks with feed forward based deep neural network models. Expert Systems with Applications, 169, 114520. https://doi.org/10.1016/j.eswa.2020.114520

Dinh, P. T., & Park, M. (2021). R-EDoS: Robust economic denial of sustainability detection in an SDN-based cloud through stochastic recurrent neural networks. IEEE Access, 9, 35057–35074. https://doi.org/10.1109/ACCESS.2021.3051573

Elman, J. L. (1990). Finding structure in time. Cognitive Science, 14(2), 179–211. https://doi.org/10.1207/s15516709cog1402_1

Katiravan, J., & S., P. S. (2024). Botnets attack detection in IoT devices using ensemble classifiers. International Research Journal of Multidisciplinary Technovation, 6(3), 274–295. https://doi.org/10.54392/irjmt24321

Khan, M. A., et al. (2023). Lightweight hybrid IDS based on deep ensemble and federated learning. Computers & Security, 128, 103208. https://doi.org/10.1016/j.cose.2023.103208

Khempetch, T., & Wuttidittachotti, P. (2021). DDoS attack detection using deep learning. IAES International Journal of Artificial Intelligence, 10(2), 382–389. https://doi.org/10.11591/ijai.v10.i2.pp382-389

Kushwah, G. S., & Ranga, V. (2021). Optimized extreme learning machine for detecting DDoS attacks in the cloud computing. Computers & Security, 105, 102260. https://doi.org/10.1016/j.cose.2021.102260

Li, T., et al. (2021). A survey on federated learning: The journey towards privacy-preserving machine learning. IEEE Internet of Things Journal. https://doi.org/10.1109/JIOT.2021.3050775

Meng, W., et al. (2020). Building a secure blockchain-based authentication and credentials management system. Future Generation Computer Systems, 103, 490–498. https://doi.org/10.1016/j.future.2019.09.003

Moustafa, N., & Slay, J. (2019). The TON_IoT datasets for AI-IoT applications. Sensors, 19(1), 65. https://doi.org/10.3390/s19010065

Potluri, S., et al. (2020). Detection and prevention mechanisms for DDoS attack in the cloud computing environment. In 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT) (pp. 1–6). IEEE. https://doi.org/10.1109/ICCCNT49239.2020.9225520

Priyadarshini, R., & Barik, R. K. (2022). A deep learning-based intelligent framework to mitigate DDoS attack in fog environment. Journal of King Saud University-Computer and Information Sciences, 34(3), 825–831. https://doi.org/10.1016/j.jksuci.2018.09.014

Rose, S., et al. (2020). Zero Trust Architecture (NIST SP 800-207). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-207

Sharafaldin, I., et al. (2019). Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In 2019 International Carnahan Conference on Security Technology (ICCST) (pp. 1–8). IEEE. https://doi.org/10.1109/CCST.2019.8888419.

Downloads

Published

2025-05-30

How to Cite

Danang Danang, Indra Ava Dianta, Agustinus Budi Santoso, & Siti Kholifah. (2025). Hybrid CNN GRU Framework for Early Detection and Adaptive Mitigation of DDoS Attacks in SDN using Image Based Traffic Analysis . International Journal of Information Engineering and Science, 2(3), 22–31. https://doi.org/10.62951/ijies.v2i2.292

Issue

Vol. 2 No. 3 (2025): August : International Journal of Information Engineering and Science

Section

Articles

License

Copyright (c) 2025 International Journal of Information Engineering and Science

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Similar Articles

1 2 3 > >> 

You may also start an advanced similarity search for this article.