Intrusion Detection with Bayesian Optimization on Imbalance Wired Wireless and Software-Defined Networking Traffics

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between Open Flow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the Software-defined networking environment by working simultaneously in both control plane and data plane.

Download Full-text

Modified Deep Learning Methodology Based Malicious Intrusion Detection System in Software Defined Networking

International Journal of Computer Networks And Applications ◽

10.22247/ijcna/2021/209704 ◽

2021 ◽

Vol 8 (4) ◽

pp. 381

Author(s):

Thangaraj Ethilu ◽

Abirami Sathappan ◽

Paul Rodrigues

Keyword(s):

Deep Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Software Defined Networking

Download Full-text

DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking

Electronics ◽

10.3390/electronics9091533 ◽

2020 ◽

Vol 9 (9) ◽

pp. 1533 ◽

Cited By ~ 1

Author(s):

Tuan Anh Tang ◽

Lotfi Mhamdi ◽

Des McLernon ◽

Syed Ali Raza Zaidi ◽

Mounir Ghogho ◽

...

Keyword(s):

Neural Network ◽

Deep Learning ◽

Intrusion Detection ◽

Detection System ◽

Software Defined Networking ◽

Cost Effective ◽

The Internet ◽

Network Intrusion ◽

Effective Network ◽

Control Application

Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity to achieve network security in a more efficient and flexible manner. However, SDN also has original structural vulnerabilities, which are the centralized controller, the control-data interface and the control-application interface. These vulnerabilities can be exploited by intruders to conduct several types of attacks. In this paper, we propose a deep learning (DL) approach for a network intrusion detection system (DeepIDS) in the SDN architecture. Our models are trained and tested with the NSL-KDD dataset and achieved an accuracy of 80.7% and 90% for a Fully Connected Deep Neural Network (DNN) and a Gated Recurrent Neural Network (GRU-RNN), respectively. Through experiments, we confirm that the DL approach has the potential for flow-based anomaly detection in the SDN environment. We also evaluate the performance of our system in terms of throughput, latency, and resource utilization. Our test results show that DeepIDS does not affect the performance of the OpenFlow controller and so is a feasible approach.

Download Full-text