A Survey on Intrusion Detection System for Software Defined Networks (SDN)

2020 ◽

Vol 16 (1) ◽

pp. 28-47 ◽

Cited By ~ 5

Author(s):

Yogita Hande ◽

Akkalashmi Muddana

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Intrusion Detection ◽

Network Architecture ◽

Detection System ◽

Learning Approach ◽

Distinctive Features ◽

Detection Systems ◽

Security Challenges ◽

Machine Learning Approach

Presently, the advances of the internet towards a wide-spread growth and the static nature of traditional networks has limited capacity to cope with organizational business needs. The new network architecture software defined networking (SDN) appeared to address these challenges and provides distinctive features. However, these programmable and centralized approaches of SDN face new security challenges which demand innovative security mechanisms like intrusion detection systems (IDS's). The IDS of SDN are designed currently with a machine learning approach; however, a deep learning approach is also being explored to achieve better efficiency and accuracy. In this article, an overview of the SDN with its security concern and IDS as a security solution is explained. A survey of existing security solutions designed to secure the SDN, and a comparative study of various IDS approaches based on a deep learning model and machine learning methods are discussed in the article. Finally, we describe future directions for SDN security.

Download Full-text

A New Deep Learning Approach for Anomaly Base IDS using Memetic Classifier

International Journal of Computers Communications & Control ◽

10.15837/ijccc.2017.5.2972 ◽

2017 ◽

Vol 12 (5) ◽

pp. 677 ◽

Cited By ~ 10

Author(s):

Shahriar Mohammadi ◽

Amin Namadchian

Keyword(s):

Deep Learning ◽

Intrusion Detection ◽

Large Scale ◽

Detection System ◽

Intrusion Detection Systems ◽

Learning Approach ◽

Detection Systems ◽

Video Mining ◽

Proposed Model ◽

Evaluation Algorithm

A model of an intrusion-detection system capable of detecting attack in computer networks is described. The model is based on deep learning approach to learn best features of network connections and Memetic algorithm as final classifier for detection of abnormal traffic.One of the problems in intrusion detection systems is large scale of features. Which makes typical methods data mining method were ineffective in this area. Deep learning algorithms succeed in image and video mining which has high dimensionality of features. It seems to use them to solve the large scale of features problem of intrusion detection systems is possible. The model is offered in this paper which tries to use deep learning for detecting best features.An evaluation algorithm is used for produce final classifier that work well in multi density environments.We use NSL-KDD and Kdd99 dataset to evaluate our model, our findings showed 98.11 detection rate. NSL-KDD estimation shows the proposed model has succeeded to classify 92.72% R2L attack group.

Download Full-text

A technical review and comparative analysis of machine learning techniques for intrusion detection systems in MANET

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v10i3.pp2701-2709 ◽

2020 ◽

Vol 10 (3) ◽

pp. 2701

Author(s):

Safaa Laqtib ◽

Khalid El Yassini ◽

Moulay Lahcen Hasnaoui

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Intrusion Detection Systems ◽

Machine Learning Techniques ◽

Learning Methods ◽

Detection Systems ◽

Learning Techniques

Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network Inception-CNN, Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning methods in MANET.

Download Full-text

Machine Learning and Deep Learning Techniques for IoT-based Intrusion Detection Systems: A Literature Review

International Journal of Management, Technology, and Social Sciences ◽

10.47992/ijmts.2581.6012.0172 ◽

2021 ◽

pp. 296-314

Author(s):

Laiby Thomas ◽

Subramanya Bhat

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Literature Review ◽

Intrusion Detection ◽

Detection System ◽

Main Idea ◽

Intrusion Detection Systems ◽

Iot Security ◽

Detection Systems ◽

Learning Techniques

Purpose: The authors attempt to examine the work done in the area of Intrusion Detection System in IoT utilizing Machine Learning/Deep Learning technique and various accessible datasets for IoT security in this review of literature. Methodology: The papers in this study were published between 2014 and 2021 and dealt with the use of IDS in IoT security. Various databases such as IEEE, Wiley, Science Direct, MDPI, and others were searched for this purpose, and shortlisted articles used Machine Learning and Deep Learning techniques to handle various IoT vulnerabilities. Findings/Result: In the past few years, the IDS has grown in popularity as a result of their robustness. The main idea behind intrusion detection systems is to detect intruders in a given region. An intruder is a host that tries to connect to other nodes without permission in the world of the Internet of Things. In the field of IDS, there is a research gap. Different ML/DL techniques are used for IDS in IoT. But it does not properly deal with complexity issues. Also, these techniques are limited to some attacks, and it does not provide high accuracy. Originality: A review had been executed from various research works available from online databases and based on the survey derived a structure for the future study. Paper Type: Literature Review.

Download Full-text

A Review of Intrusion Detection System in IoT with Machine Learning Approach: Current and Future Research

2020 6th International Conference on Science in Information Technology (ICSITech) ◽

10.1109/icsitech49800.2020.9392075 ◽

2020 ◽

Author(s):

Eddy Prasetyo Nugroho ◽

Taufik Djatna ◽

Imas Sukaesih Sitanggang ◽

Agus Buono ◽

Irman Hermadi

Keyword(s):

Machine Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Future Research ◽

Learning Approach ◽

Machine Learning Approach

Download Full-text

Unified deep learning approach for efficient intrusion detection system using integrated spatial-temporal features

Knowledge-Based Systems ◽

10.1016/j.knosys.2021.107132 ◽

2021 ◽

pp. 107132

Author(s):

P. Rajesh Kanna ◽

P. Santhi

Keyword(s):

Deep Learning ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Detection System ◽

Learning Approach ◽

Temporal Features

Download Full-text

An intelligent flow-based and signature-based IDS for SDNs using ensemble feature selection and a multi-layer machine learning-based classifier

Journal of Intelligent & Fuzzy Systems ◽

10.3233/jifs-200850 ◽

2020 ◽

pp. 1-20

Author(s):

K. Muthamil Sudar ◽

P. Deepalakshmi

Keyword(s):

Machine Learning ◽

Feature Selection ◽

Intrusion Detection ◽

Intrusion Detection System ◽

Network Architecture ◽

Detection System ◽

Software Defined Networking ◽

Control Plane ◽

Control Logic ◽

Data Plane

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between Open Flow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the Software-defined networking environment by working simultaneously in both control plane and data plane.

Download Full-text