الفهرس 
AcknowledgmentOnly 14 pages are availabe for public view
 |  | from | 142 |  |  |
| | | from | 142 | | |
Abstract
Software-Defined Networking (SDN) is a new network architecture that separates the control plane from the date plane . It has central network control, and programmability facilities, therefore SDN can improve network flexibility, management, performance, and scalability. Although SDN has many benefits, it has some security challenges that threaten the proper performance of the network such as distributed denial of service (DDoS) attacks that target attacking the control plane as well as the data plane.
There are a lot of security methods that defend against DDoS attacks in SDN which include entropy –based , traffic pattern analysis –based , and Machine Learning-based (ML). Entropy and traffic pattern techniques have low overhead but they suffer mainly from the difficulty to adapt the network changes and different network behaviors. ML techniques are preferred to detect malicious activity since they are self-learning and can adapt to several network states.