Abstract

The increasing prevalence of Distributed Denial-of-Service (DDoS) attacks in Software- Defined Networking (SDN)-based IoT environments poses a significant security challenge. Existing detection methods often suffer from limited accuracy, high false positive rates, and poor scalability, leading to delayed mitigation and network disruptions. This project proposes an ensemble learning approach combining K-Nearest Neighbors (KNN) and Light GBM to enhance real-time DDoS attack detection and mitigation. KNN efficiently classifies network traffic based on proximity, while Light GBM utilizes gradient boosting to improve detection accuracy and adaptability to evolving attack patterns. The proposed model leverages IoT controllers for dynamic mitigation, ensuring minimal impact on network performance. Key advantages of this approach include reduced false positives, improved scalability, and faster response times, making it highly effective for real-world IoT security applications. The system processes network traffic features such as packet rate, flow duration, and entropy, providing robust anomaly detection. Experimental evaluation on benchmark datasets demonstrates superior accuracy, precision, and recall compared to traditional methods. By integrating lightweight and adaptive machine learning models, this solution significantly enhances IoT network security, offering a scalable and efficient defense against DDoS threats.