scholarly journals Intrusion Detection System in Software-Defined Networks Using Machine Learning and Deep Learning Techniques –A Comprehensive Survey

2021 ◽  
Author(s):  
Md. Rayhan Ahmed ◽  
salekul Islam ◽  
Swakkhar Shatabda ◽  
A. K. M. Muzahidul Islam ◽  
Md. Towhidul Islam Robin
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Software Defined Networks ◽  
Control Plane ◽  
Data Plane ◽  
Benchmark Datasets ◽  
Comprehensive Survey

<div>At present, the Internet is facing numerous attacks of different kinds that put its data at risk. The safety of information within the network is, therefore, a significant concern. In order to prevent the loss of incredibly valuable information, the Intrusion Detection System (IDS) was developed to recognize the outbreak of a stream of attacks and notify the network system administrator providing network security. IDS is an extrapolative model used to detect network traffic as routine or attack. Software-Defined Networks (SDN) is a revolutionary paradigm that isolates the control plane from the data plane, transforming the concept of a software-driven network. Through this data and control plane separation, SDN provides us the opportunity to create a manageable and programmable network, allowing applications in the top plane to access physical devices via the controller. The controller functioning inside the control plane executes network modules and establishes flow rules to forward packets in the switches residing in the data plane. Cyber attackers target the SDN controller to subdue the control plane, which is considered the brain of the SDN, providing a plethora of functionalities such as regulating flow control to switches or routers in the data plane below via southbound Application Programming Interfaces (APIs) and business and application logic in the application plane above via northbound APIs to implement sophisticated networks. However, the control plane becomes a tempting prospect for security attacks from adversaries because of its centralization feature. This paper includes an in-depth overview of the notable published articles from 2015 to 2021 that used Machine Learning (ML) and Deep Learning (DL) techniques to construct an IDS solution to provide security for SDN. We also present two detailed taxonomic studies regarding IDS, and ML-DL techniques based on their learning categories, exploring various IDS solutions to secure the SDN paradigm. We have also conducted brief research on a few benchmark datasets used to construct IDS in the SDN paradigm. To conclude the survey, we provide a discussion that sheds light on continuous challenges and IDS issues for SDN security.</div>

scholarly journals Intrusion Detection System in Software-Defined Networks Using Machine Learning and Deep Learning Techniques –A Comprehensive Survey

2021 ◽  
Author(s):  
Md. Rayhan Ahmed ◽  
salekul Islam ◽  
Swakkhar Shatabda ◽  
A. K. M. Muzahidul Islam ◽  
Md. Towhidul Islam Robin
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Software Defined Networks ◽  
Control Plane ◽  
Data Plane ◽  
Benchmark Datasets ◽  
Comprehensive Survey

<div>At present, the Internet is facing numerous attacks of different kinds that put its data at risk. The safety of information within the network is, therefore, a significant concern. In order to prevent the loss of incredibly valuable information, the Intrusion Detection System (IDS) was developed to recognize the outbreak of a stream of attacks and notify the network system administrator providing network security. IDS is an extrapolative model used to detect network traffic as routine or attack. Software-Defined Networks (SDN) is a revolutionary paradigm that isolates the control plane from the data plane, transforming the concept of a software-driven network. Through this data and control plane separation, SDN provides us the opportunity to create a manageable and programmable network, allowing applications in the top plane to access physical devices via the controller. The controller functioning inside the control plane executes network modules and establishes flow rules to forward packets in the switches residing in the data plane. Cyber attackers target the SDN controller to subdue the control plane, which is considered the brain of the SDN, providing a plethora of functionalities such as regulating flow control to switches or routers in the data plane below via southbound Application Programming Interfaces (APIs) and business and application logic in the application plane above via northbound APIs to implement sophisticated networks. However, the control plane becomes a tempting prospect for security attacks from adversaries because of its centralization feature. This paper includes an in-depth overview of the notable published articles from 2015 to 2021 that used Machine Learning (ML) and Deep Learning (DL) techniques to construct an IDS solution to provide security for SDN. We also present two detailed taxonomic studies regarding IDS, and ML-DL techniques based on their learning categories, exploring various IDS solutions to secure the SDN paradigm. We have also conducted brief research on a few benchmark datasets used to construct IDS in the SDN paradigm. To conclude the survey, we provide a discussion that sheds light on continuous challenges and IDS issues for SDN security.</div>

An intelligent flow-based and signature-based IDS for SDNs using ensemble feature selection and a multi-layer machine learning-based classifier

2020 ◽  
pp. 1-20
Author(s):  
K. Muthamil Sudar ◽  
P. Deepalakshmi
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Network Architecture ◽  
Detection System ◽  
Software Defined Networking ◽  
Control Plane ◽  
Control Logic ◽  
Data Plane

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between Open Flow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the Software-defined networking environment by working simultaneously in both control plane and data plane.

scholarly journals Explanation Framework for Intrusion Detection

2020 ◽  
pp. 83-91
Author(s):  
Nadia Burkart ◽  
Maximilian Franz ◽  
Marco F. Huber
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
False Positives ◽  
Human Reasoning ◽  
Malicious Activity ◽  
Specific Policy ◽  
Decision Boundaries

AbstractMachine learning and deep learning are widely used in various applications to assist or even replace human reasoning. For instance, a machine learning based intrusion detection system (IDS) monitors a network for malicious activity or specific policy violations. We propose that IDSs should attach a sufficiently understandable report to each alert to allow the operator to review them more efficiently. This work aims at complementing an IDS by means of a framework to create explanations. The explanations support the human operator in understanding alerts and reveal potential false positives. The focus lies on counterfactual instances and explanations based on locally faithful decision-boundaries.

An intrusion detection system for health-care system using machine and deep learning

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Sagar Pande ◽  
Aditya Khamparia ◽  
Deepak Gupta
Keyword(s):  
Machine Learning ◽  
Health Care ◽  
Deep Learning ◽  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Machine Learning Techniques ◽  
Content Type ◽  
Learning Techniques

Purpose One of the important key components of health care–based system is a reliable intrusion detection system. Traditional techniques are not adequate to handle complex data. Also, the diversified intrusion techniques cannot meet current network requirements. Not only the data is getting increased but also the attacks are increasing very rapidly. Deep learning and machine learning techniques are very trending in the area of research in the area of network security. A lot of work has been done in this area by still evolutionary algorithms along with machine learning is very rarely explored. The purpose of this study is to provide novel deep learning framework for the detection of attacks. Design/methodology/approach In this paper, novel deep learning is the framework is proposed for the detection of attacks. Also, a comparison of machine learning and deep learning algorithms is provided. Findings The obtained results are more than 99% for both the data sets. Research limitations/implications The diversified intrusion techniques cannot meet current network requirements. Practical implications The data is getting increased but also the attacks are increasing very rapidly. Social implications Deep learning and machine learning techniques are very trending in the area of research in the area of network security. Originality/value Novel deep learning is the framework is proposed for the detection of attacks.

scholarly journals Sequential Model Based Intrusion Detection System for IoT Servers Using Deep Learning Methods

Sensors ◽  
2021 ◽  
Vol 21 (4) ◽  
pp. 1113
Author(s):  
Ming Zhong ◽  
Yajin Zhou ◽  
Gang Chen
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Language Processing ◽  
Intrusion Detection System ◽  
Detection System ◽  
Learning Methods ◽  
Sequential Model ◽  
Machine Learning Methods ◽  
Model Based

IoT plays an important role in daily life; commands and data transfer rapidly between the servers and objects to provide services. However, cyber threats have become a critical factor, especially for IoT servers. There should be a vigorous way to protect the network infrastructures from various attacks. IDS (Intrusion Detection System) is the invisible guardian for IoT servers. Many machine learning methods have been applied in IDS. However, there is a need to improve the IDS system for both accuracy and performance. Deep learning is a promising technique that has been used in many areas, including pattern recognition, natural language processing, etc. The deep learning reveals more potential than traditional machine learning methods. In this paper, sequential model is the key point, and new methods are proposed by the features of the model. The model can collect features from the network layer via tcpdump packets and application layer via system routines. Text-CNN and GRU methods are chosen because the can treat sequential data as a language model. The advantage compared with the traditional methods is that they can extract more features from the data and the experiments show that the deep learning methods have higher F1-score. We conclude that the sequential model-based intrusion detection system using deep learning method can contribute to the security of the IoT servers.

scholarly journals Intelligent and Effective Intrusion Detection System using Machine Learning Algorithm

2020 ◽  
Vol 9 (6) ◽  
pp. 237-240
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Learning Algorithm ◽  
Detection System ◽  
Support Vector ◽  
Machine Learning Algorithm ◽  
Data Set ◽  
Training Time

Intrusion Detection System observes the network traffic and identifies the attack and also inform the admin to corrective action. Powerful Intrusion Detection system is required for detection to various modern attack. There is need of efficient Intrusion Detection system .The focus of IDS research is the application of machine Learning and Deep Learning techniques. Projected work is combination of Deep Learning Technique in which Non Symmetric Deep Auto Encoder and Machine Learning Algorithm, Support Vector Machine Classifier is used to develop the Model. Stack power of the Non symmetric Deep Auto Encoder and Quickness with exactness of the SVM makes the Model very efficient. This Model not only improves the accuracy value but also improve recall and precision. It also cause the reduction of training time .To evaluate the performance of the Model and do the analysis the special Data set which are used are KDD CUP and NSL KDD Dataset.

Sign in / Sign up

Export Citation Format

Share Document