TY - JOUR AU - Dhadhal , Hema Surendrakumar AU - Kotak, Paresh P PY - 2023 TI - DDoS Attack Detection Using Enhanced Neural Network Algorithm in Software-Defined Networks JF - Journal of Computer Science VL - 19 IS - 6 DO - 10.3844/jcssp.2023.749.759 UR - https://thescipub.com/abstract/jcssp.2023.749.759 AB - With the uncommon advancement of technology and networking, the world today is totally relying on it. The most obvious drawback of this technical progress resulted in several possible dangers. A Distributed Denial of Service (DDoS) attack is one in which a large number of compromised systems work together to prevent service from being provided to the targeted system. Consequently, to protect network servers, attack detection systems must be very effective. The proposed architecture has Software Defined Networks (SDN) which comprise controllers and SFlow agents. According to the article, the anomaly detection of statistical traffic, which is performed on both normal and pathological anomaly traces in the packet header, as well as traffic volume detection, is based on the suggested work provided in this study. The k-means clustering technique is used by the statistical anomaly detection system and the attack alert aggregation system. Low-level attack detection systems are used to generate cluster dissimilar warnings, which are then investigated further. Clusters generate meta-alerts based on the information they have gathered. After that, the report of meta-alerts is sent to the security specialists. The online alert aggregation technique, which is also known as the probabilistic model, is used to identify new assaults on a system. The k-means clustering method is used to improve the quality of the traffic data streams. The Enhanced Neural Network Algorithm (ENNA) is being used to advance the intelligent attack detection system, which is currently under development. It is utilized in open-day controllers to identify attacks with a 99.7% accuracy by using Mininet and the Python simulation tool (ODL). In future work, it is possible to evaluate how the suggested detection method would be used in the event of subnet attacks and its mitigation.