Usage of Machine Learning Algorithms for Flow Based Anomaly Detection System in Software Defined Networks

Computer networks are becoming more complex in both the number of connected nodes and the amount of traffic. The growing number and increasing complexity of cyber-attacks make network management and security a challenge. Software-defined networking (SDN) is a technology that aims for efficient and flexible network management. The SDN controller plays an important role in detecting and preventing cyber-attacks. In this study, a flow-based anomaly detection system running on the POX controller is designed. A comparative analysis of supervised machine learning algorithms is given to choose the optimum anomaly detection method for SDN-based networks. The NSL-KDD dataset is used for training and testing the classifiers. The results show that machine learning algorithms have great potential for the success of flow-based anomaly detection systems in SDN infrastructure.
