Artificial intelligence-based detection methods in software-defined networks for identifying denial-of-service attacks. A systematic literature review. (#419)

Authors

Peña, Willy

Cubas, Sixto

Abstract

As software-defined networks (SDNs) expand, so do the threats that affect them, especially denial-of-service (DoS) attacks. The ability to efficiently detect these attacks is critical to maintaining the integrity and availability of services in SDN environments. The purpose of this research is to conduct a systematic review (SR) of artificial intelligence (AI)-based detection methods used in SDN to detect DoS attacks, analyzing their technological characteristics and efficiency. To this end, 70 documents obtained from the Scopus and Web of Science databases, published between 2021 and 2025, were rigorously analyzed, including machine learning and deep learning models focused on detecting these threats. This review covers aspects such as: the characteristics of denial-of-service (DoS) attacks, the AI methods and models used, as well as the metrics and performance measures reported in the studies to evaluate the efficiency of these methods. The results show that most approaches achieve detection rates above 80% when using metrics such as accuracy, recall, and F1-score; however, limitations are identified in the detection of low-intensity attacks and in the handling of unbalanced datasets. In conclusion, it is indicated that artificial intelligence-based methods have high potential for protection in software-defined networks; however, an improvement in performance metrics and an adequate response to different attack variants are considered necessary in order to achieve greater effectiveness in real environments.