Intrusion Detection Using Fuzzy Logic in Software Defined Networking

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between Open Flow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the Software-defined networking environment by working simultaneously in both control plane and data plane.

Attribute selection using information gain for a fuzzy logic intrusion detection system

10.1117/12.666611 ◽

2006 ◽

Cited By ~ 2

Author(s):

Jesús González-Pino ◽

Janica Edmonds ◽

Mauricio Papa

Keyword(s):

Fuzzy Logic ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Information Gain ◽

Detection System ◽

Attribute Selection

Modified Deep Learning Methodology Based Malicious Intrusion Detection System in Software Defined Networking

International Journal of Computer Networks And Applications ◽

10.22247/ijcna/2021/209704 ◽

2021 ◽

Vol 8 (4) ◽

pp. 381

Author(s):

Thangaraj Ethilu ◽

Abirami Sathappan ◽

Paul Rodrigues

Keyword(s):

Deep Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Software Defined Networking

A New Method for Intrusion Detection on RPL Routing Protocol Using Fuzzy Logic

2020 6th International Conference on Web Research (ICWR) ◽

10.1109/icwr49608.2020.9122278 ◽

2020 ◽

Author(s):

Behnam Farzaneh ◽

Mohammad Koosha ◽

Elahe Boochanpour ◽

Emad Alizadeh

Keyword(s):

Fuzzy Logic ◽

Intrusion Detection ◽

Routing Protocol ◽

New Method

Cloud Security: LKM and Optimal Fuzzy System for Intrusion Detection in Cloud Environment

Journal of Intelligent Systems ◽

10.1515/jisys-2018-0479 ◽

2019 ◽

Vol 29 (1) ◽

pp. 1626-1642 ◽

Cited By ~ 1

Author(s):

S. Immaculate Shyla ◽

S.S. Sujatha

Keyword(s):

Fuzzy Logic ◽

Intrusion Detection ◽

Detection System ◽

Denial Of Service ◽

Cloud Security ◽

Fuzzy Logic System ◽

Suggested Method ◽

Cloud Environment ◽

Financial Loss ◽

Logic System

Abstract In cloud security, intrusion detection system (IDS) is one of the challenging research areas. In a cloud environment, security incidents such as denial of service, scanning, malware code injection, virus, worm, and password cracking are getting usual. These attacks surely affect the company and may develop a financial loss if not distinguished in time. Therefore, securing the cloud from these types of attack is very much needed. To discover the problem, this paper suggests a novel IDS established on a combination of a leader-based k-means clustering (LKM), optimal fuzzy logic system. Here, at first, the input dataset is grouped into clusters with the use of LKM. Then, cluster data are afforded to the fuzzy logic system (FLS). Here, normal and abnormal data are inquired by the FLS, while FLS training is done by the grey wolf optimization algorithm through maximizing the rules. The clouds simulator and NSL-Knowledge Discovery and DataBase (KDD) Cup 99 dataset are applied to inquire about the suggested method. Precision, recall, and F-measure are conceived as evaluation criteria. The obtained results have denoted the superiority of the suggested method in comparison with other methods.

DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking

Electronics ◽

10.3390/electronics9091533 ◽

2020 ◽

Vol 9 (9) ◽

pp. 1533 ◽

Cited By ~ 1

Author(s):

Tuan Anh Tang ◽

Lotfi Mhamdi ◽

Des McLernon ◽

Syed Ali Raza Zaidi ◽

Mounir Ghogho ◽

...

Keyword(s):

Neural Network ◽

Deep Learning ◽

Intrusion Detection ◽

Detection System ◽

Software Defined Networking ◽

Cost Effective ◽

The Internet ◽

Network Intrusion ◽

Effective Network ◽

Control Application

Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity to achieve network security in a more efficient and flexible manner. However, SDN also has original structural vulnerabilities, which are the centralized controller, the control-data interface and the control-application interface. These vulnerabilities can be exploited by intruders to conduct several types of attacks. In this paper, we propose a deep learning (DL) approach for a network intrusion detection system (DeepIDS) in the SDN architecture. Our models are trained and tested with the NSL-KDD dataset and achieved an accuracy of 80.7% and 90% for a Fully Connected Deep Neural Network (DNN) and a Gated Recurrent Neural Network (GRU-RNN), respectively. Through experiments, we confirm that the DL approach has the potential for flow-based anomaly detection in the SDN environment. We also evaluate the performance of our system in terms of throughput, latency, and resource utilization. Our test results show that DeepIDS does not affect the performance of the OpenFlow controller and so is a feasible approach.

Intrusion detection system modeling based on neural networks and fuzzy logic

2016 IEEE 20th Jubilee International Conference on Intelligent Engineering Systems (INES) ◽

10.1109/ines.2016.7555118 ◽

2016 ◽

Cited By ~ 5

Author(s):

A. Midzic ◽

Z. Avdagic ◽

S. Omanovic

Keyword(s):

Neural Networks ◽

Fuzzy Logic ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

System Modeling

Intrusion Detection In Software Defined Networking Using Snort And Mirroring

International Journal of Engineering Trends and Technology ◽

10.14445/22315381/ijett-v68i4p212s ◽

2020 ◽

Vol 68 (4) ◽

pp. 66-74

Author(s):

Nithya Sampath ◽

Jayakumar Sadhasivam ◽

Senthil Jayavel ◽

Swetha Chindarmony N ◽

Sakshi Sharma

Keyword(s):

Intrusion Detection ◽

Software Defined Networking

HMM-Based Intrusion Detection System for Software Defined Networking

2016 15th IEEE International Conference on Machine Learning and Applications (ICMLA) ◽

10.1109/icmla.2016.0108 ◽

2016 ◽

Cited By ~ 3

Author(s):

Trae Hurley ◽

Jorge E. Perdomo ◽

Alexander Perez-Pons

Keyword(s):

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Software Defined Networking

Intrusion Detection System using Fuzzy Logic

Southeast Europe Journal of Soft Computing ◽

10.21533/scjournal.v2i1.39 ◽

2013 ◽

Vol 2 (1) ◽

Cited By ~ 1

Author(s):

Alma Husagic Selman

Keyword(s):

Fuzzy Logic ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System