Dynamic entropy approaches and machine learning techniques are both used to detect DDoS attacks in SDN. Dynamic entropy approaches use network traffic statistics to calculate the entropy of the network packets; when the entropy value surpasses the threshold, the system flags the packet as a potential DDoS attack. Machine learning algorithms, on the other hand, classify incoming traffic as either normal or an attack, based on previously learned patterns and features.
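The entropy check described above, as an added example that is not code from the original text: it computes the Shannon entropy of destination IPs per window and compares each window's deviation from a running baseline with a threshold that adapts as benign traffic drifts. Assumptions: destination IP as the measured field, deviation in either direction counting as an alert, the tuning values `alpha`, `k`, `warmup` and `min_sigma`, and the constructed 10.0.0.x sample traffic.

```python
import math
from collections import Counter

HOSTS = [f"10.0.0.{i}" for i in range(1, 9)]  # constructed destination IPs

def shannon_entropy(values):
    """Shannon entropy, in bits, of the empirical distribution of `values`."""
    n = len(values)
    return -sum((c / n) * math.log2(c / n) for c in Counter(values).values())

class DynamicEntropyDetector:
    """Flags a window whose entropy leaves a band of k*sigma around a running mean."""
    def __init__(self, alpha=0.2, k=3.0, warmup=5, min_sigma=0.05):  # assumed tuning
        self.alpha, self.k, self.warmup, self.min_sigma = alpha, k, warmup, min_sigma
        self.mean, self.var, self.seen = 0.0, 0.0, 0

    def observe(self, window):
        h = shannon_entropy(window)
        if self.seen < self.warmup:  # warm-up: learn the baseline, never flag
            self.seen += 1
            delta = h - self.mean
            self.mean += delta / self.seen
            self.var += (delta * (h - self.mean) - self.var) / self.seen
            return h, False
        sigma = max(math.sqrt(self.var), self.min_sigma)  # floor avoids a zero-width band
        flagged = abs(h - self.mean) > self.k * sigma
        if not flagged:  # only benign windows move the baseline (EWMA mean/variance)
            delta = h - self.mean
            self.mean += self.alpha * delta
            self.var = (1 - self.alpha) * (self.var + self.alpha * delta * delta)
        return h, flagged

def normal_window(i):
    # Constructed benign traffic: 48 packets spread almost evenly over 8 servers.
    counts = [6] * 8
    counts[0] -= i % 3
    counts[1] += i % 3
    return [host for host, c in zip(HOSTS, counts) for _ in range(c)]

def attack_window():
    # Constructed flood: 41 of 48 packets target one victim, so entropy collapses.
    return [HOSTS[0]] * 41 + HOSTS[1:]

def run_demo():
    det = DynamicEntropyDetector()
    windows = ([normal_window(i) for i in range(8)] + [attack_window()] * 2
               + [normal_window(i) for i in (10, 11)])
    return [det.observe(w) for w in windows]

if __name__ == "__main__":
    for h, flagged in run_demo():
        print(f"H={h:.3f} bits  {'ALERT' if flagged else 'ok'}")
```

Because flagged windows are excluded from the baseline update, the flood does not drag the threshold toward itself, and the benign windows that follow it are not flagged.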
Both methods have their advantages and disadvantages. In some cases, however, dynamic entropy approaches can provide better results than machine learning. One downside of machine learning is its susceptibility to adversarial attacks, where attackers may exploit the model's weaknesses to evade detection. Machine learning also requires large datasets to achieve high accuracy. The entropy-based approach, on the other hand, provides a quick and lightweight solution that can detect zero-day attacks and can be adapted quickly to new and evolving threats.
In conclusion, both dynamic entropy and machine learning approaches have their use cases and can complement each other in detecting DDoS attacks in SDN.
There are a few disadvantages of using dynamic entropy in detecting DDoS attacks in SDN:
1. Increased overhead: Dynamic entropy adds processing overhead for each packet, which can introduce delays and strain network resources.
2. Limited applicability: Dynamic entropy may not be effective in detecting certain types of DDoS attacks, such as slow attacks or those that do not vary in frequency or duration.
3. False positives: Dynamic entropy may also generate false positives, where benign traffic is misclassified as suspicious, which can result in unnecessary intervention by the network.
4. Limited scalability: Dynamic entropy may become less effective as the scale of the network increases, as it becomes more difficult to accurately measure the entropy of traffic on a larger network.
Overall, while dynamic entropy can be an effective tool in detecting DDoS attacks in SDN, it is important to balance its advantages against its potential drawbacks.