Comparative Analysis between the k-means and Fuzzy c-means Algorithms to Detect UDP Flood DDoS Attack on a SDN/NFV Environment

João Neto, Layse Souza, Admilson Ribeiro


Distributed Denial of Service (DDoS) attacks are a growing issue for computer networks security and have become a serious network security problem. Environments based on Software Defined Networking (SDN) and Network Function Virtualization (NFV) offers the ability to program a network and allows dynamic creation of flow policies. Allied to that, clustering algorithms can be used to classify and detect DDoS. This paper presents a study and an analysis of two unsupervised machine learning algorithms used to detect DDoS attacks in an SDN/NFV simulated environment. The results obtained by the two algorithms include an accuracy rate of 99% and the k-means algorithm was 33% faster than fuzzy c-means, which demonstrates its effectiveness and scalability.


Paper Citation