A Hybrid CNN-PSO Model for Efficient DDoS Detection in SDN

In today’s digital era, the proliferation of online services has rendered networks increasingly vulnerable to Distributed Denial-of-Service (DDoS) attacks, which can severely disrupt availability and cause significant economic and reputational losses. Software-Defined Networking (SDN), as a promising paradigm for programmable and flexible network management, offers both opportunities and challenges in mitigating such threats. However, the centralized architecture of SDN controllers exposes them to being prime targets for DDoS attacks, demanding advanced detection mechanisms. Traditional detection systems, often signature-based or threshold-based, struggle with novel or complex attack patterns, producing high false positive rates and insufficient detection accuracy. To address these limitations, this paper proposes a hybrid model that integrates Convolutional Neural Networks (CNNs) for feature extraction with Particle Swarm Optimization (PSO) for hyperparameter tuning, tailored for DDoS detection in SDN environments. The CNN leverages deep learning capabilities to automatically capture spatial patterns in traffic data, while PSO optimizes model parameters to enhance detection precision and reduce false alarms. Mathematical formulation of PSO is introduced to optimize CNN hyperparameters, achieving a 0.8% improvement in accuracy over baseline CNN. Experimental evaluations conducted in an SDN testbed using Mininet and the POX controller demonstrate that the proposed CNN-PSO model significantly outperforms baseline CNN and traditional machine learning approaches. The hybrid model achieves higher accuracy, improved F1-scores, and reduced false positive rates, confirming its potential as a scalable and intelligent defense mechanism against evolving DDoS threats in modern network infrastructures.