Software-defined network (SDN) introduces a programmable and centralized control mechanism for managing network infrastructure, enhancing flexibility and efficiency. However, this architecture is prone to security threats, particularly distributed denial of service (DDoS) attacks that exploit centralized control. This study presents a comparative analysis of several deep learning (DL) models—namely, multilayer perceptron (MLP), artificial neural network (ANN), convolutional neural network (CNN), recurrent neural network (RNN), and long short-term memory (LSTM)—for detecting DDoS threats within SDN environments. The research incorporates key preprocessing techniques such as feature selection and synthetic minority oversampling technique (SMOTE) to handle class imbalance. The results indicate that sequence-aware models like LSTM and RNN are highly effective in interpreting temporal network behavior, with LSTM achieving the highest performance (accuracy: 91%, precision: 86%, recall: 94%, and F1-score: 90%). These findings underscore the potential of advanced DL methods in fortifying SDN infrastructures against complex cyber threats.

Deep learning; Distributed denial of service attack; Openflow protocol; SMOTE; Software-defined networks