arsheen/IDS-on-SDN-using-Machine-Learning

This project is a classic example of an academic or student reference implementation from the mid-2010s (approx. 8 years old). While it addresses a valid niche—SDN security—it uses a standard Random Forest approach on basic flow statistics, which is now considered a 'Hello World' exercise in machine learning for networking. With only 42 stars and 14 forks accumulated over nearly a decade and zero recent activity, it lacks any community momentum or network effects. The defensibility is near-zero as the logic is trivially reproducible and has been superseded by more advanced Deep Learning techniques (LSTMs, Graph Neural Networks) and production-grade tools like Suricata or Snort with ML plugins. Platform risk is high because cloud providers (AWS, GCP, Azure) and network hardware giants (Cisco, Arista) have integrated sophisticated flow-based anomaly detection directly into their SDN fabrics. It serves primarily as a historical reference for how researchers once approached SDN-specific IDS.