HMM-Based Intrusion Detection System for Software Defined Networking

Author(s): Trae Hurley ◽ Jorge E. Perdomo ◽ Alexander Perez-Pons

2020 ◽ pp. 1-20 ◽ Author(s): K. Muthamil Sudar ◽ P. Deepalakshmi

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between OpenFlow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of a trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the software-defined networking environment by working simultaneously in both the control plane and the data plane.


2021 ◽ pp. 417-446 ◽ Author(s): Noor Al-Mi’ani ◽ Mohammed Anbar ◽ Yousef Sanjalawe ◽ Shankar Karuppayah

Symmetry ◽ 2019 ◽ Vol 12 (1) ◽ pp. 7 ◽ Author(s): Samrat Kumar Dey ◽ Md. Mahbubur Rahman

Recent advancements in software-defined networking (SDN) make it possible to overcome the management challenges of traditional networks by logically centralizing the control plane and decoupling it from the forwarding plane. Through a symmetric and centralized controller, SDN can prevent security breaches, but it can also bring in new threats and vulnerabilities. The central controller can be a single point of failure. Hence, a flow-based anomaly detection system in the OpenFlow controller can secure SDN to a great extent. In this research, we investigated two different approaches to flow-based intrusion detection in the OpenFlow controller. The first is based on a machine-learning algorithm, where the NSL-KDD dataset with feature selection ensures an accuracy of 82% with a random forest classifier using the gain ratio feature selection evaluator. In the later phase, the second approach is combined with a deep neural network (DNN)-based intrusion detection system based on gated recurrent unit-long short-term memory (GRU-LSTM), where we used a suitable ANOVA F-Test and recursive feature elimination selection method to boost classifier output and achieve an accuracy of 88%. Substantial experiments with comparative analysis clearly show that deep learning would be a better choice for intrusion detection in the OpenFlow controller.


Software Defined Networking and the OpenFlow protocol have recently emerged as a dynamic and promising framework for future networks. Even so, programmable features and a logically centralized controller lead to a large number of security issues. To address the security problems, we have to impose an Intrusion Detection System module to continuously keep track of the network traffic and to detect malicious activities in the SDN environment. In this paper, we have implemented a flow-based IDS with the help of a hybrid machine learning technique. By collecting the flow information from the controller, we classify the traffic, extract the essential features and classify the attack using a machine learning-based classifier module. For the classifier, we have developed a hybrid machine learning model with the help of the Modified K-Means and C4.5 algorithms. Our proposed work is compared with a single machine learning classifier, and our experimental results show that the proposed work can classify the normal and attack instances with an accuracy of 97.66%.

