“…Clearly, the prevention and mitigation of DoS and DDoS incidents are of major importance since they can disrupt network operations, reduce performance, and risk service availability. Detecting and mitigating DoS and DDoS attacks in SDN environments involves employing robust security measures that may include (
) traffic monitoring and analysis, (
) rate limiting and traffic shaping, (
) flow‐based anomaly detection, (
) blacklisting and whitelisting, and (
) collaborative defense
3,4,11,12 . In traffic monitoring, the SDN controllers and switches monitor network traffic patterns to detect anomalous behavior, such as an abnormally high number of packets from a single source.…”