Akademik Veri Yönetim Sistemi
IEEE Access, cilt.13, ss.194657-194676, 2025 (SCI-Expanded, Scopus)
This paper presents an innovative deep learning (DL)-based approach to detect Distributed Denial of Service (DDoS) attacks in 5G-integrated Software Defined Network (SDN) environments. One of the key contributions of the work is the SD5GJA4 dataset, which contains real traffic data collected in an SDN-based 5G testbed developed by the researchers. Unlike the commonly used synthetic datasets, this dataset reflects real-world traffic behavior, providing a more robust evaluation environment. Another important innovation is the use of the recently emerged JA4 fingerprinting technology in encrypted traffic analysis. Extracting JA4-based features makes it possible to detect anomalous behavior effectively even within encrypted Transport Layer Security (TLS) traffic. Although JA4 technology is a promising method in the field of cybersecurity, its use in the detection of SDN-based DDoS attacks has hardly been addressed in the literature. Our proposed hybrid CNN-LSTM model outperforms traditional machine learning (ML) and singular DL models in the literature with 99.98% accuracy and 100% recall using JA4 fingerprints. This work provides a scalable and low-latency solution suitable for real-time applications and is a significant contribution to the limited literature on JA4-enabled security mechanisms in next-generation networks.