A Hybrid CNN-LSTM Based Approach for Anomaly Detection Systems in SDNs

Software-Defined Networking (SDN) is a promising technology for the future Internet. However, the SDN paradigm introduces new attack vectors that do not exist in the conventional distributed networks. This paper develops a hybrid Intrusion Detection System (IDS) by combining the Convolutional Neural Network (CNN) and Long Short-Term Memory Network (LSTM). The proposed model is capable of capturing the spatial and temporal features of the network traffic. Two regularization techniques i.e., L2 Regularization () and dropout method are used to overcome with the overfitting problem. The proposed method improves the intrusion detection performance of zero-day attacks. The InSDN dataset — the most recent dataset for SDN networks is used to test and evaluate the performance of the proposed model. The results indicate that integrating the CNN with LSTM improves the intrusion detection performance and achieves an accuracy of 96.32%. The estimated accuracy is higher than the accuracy of each individual model. In addition, it is established that the regularization techniques improves the performance of the CNN algorithms in detecting new intrusions when compared to the standard CNN. The findings of this study facilitates the development of robust IDS systems for SDN environment.

[1]  K. A. Taher,et al.  Network Intrusion Detection using Supervised Machine Learning Technique with Feature Selection , 2019, 2019 International Conference on Robotics,Electrical and Signal Processing Techniques (ICREST).

[2]  Mohana,et al.  Anomaly Detection in Videos for Video Surveillance Applications using Neural Networks , 2020, 2020 Fourth International Conference on Inventive Systems and Control (ICISC).

[3]  Nhien-An Le-Khac,et al.  DDoSNet: A Deep-Learning Model for Detecting Network Attacks , 2020, 2020 IEEE 21st International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM).

[4]  Nhien-An Le-Khac,et al.  Network Anomaly Detection Using LSTM Based Autoencoder , 2020, Q2SWinet.

[5]  Nhien-An Le-Khac,et al.  Detecting Abnormal Traffic in Large-Scale Networks , 2020, 2020 International Symposium on Networks, Computers and Communications (ISNCC).

[6]  You-Chiun Wang,et al.  An Efficient Route Management Framework for Load Balance and Overhead Reduction in SDN-Based Data Center Networks , 2018, IEEE Transactions on Network and Service Management.

[7]  Arjan Durresi,et al.  Quality of Service (QoS) in Software Defined Networking (SDN): A survey , 2017, J. Netw. Comput. Appl..

[8]  K. Sundarakantham,et al.  Machine Learning Based Intrusion Detection System , 2019, 2019 3rd International Conference on Trends in Electronics and Informatics (ICOEI).

[9]  Narmeen Zakaria Bawany,et al.  DDoS Attack Detection and Mitigation Using SDN: Methods, Practices, and Solutions , 2017, Arabian Journal for Science and Engineering.

[10]  Cheng Xing,et al.  An Intrusion Detection Model Based on Feature Reduction and Convolutional Neural Networks , 2019, IEEE Access.

[11]  Mounir Ghogho,et al.  Deep learning approach for Network Intrusion Detection in Software Defined Networking , 2016, 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM).

[12]  Miad Faezipour,et al.  Features Dimensionality Reduction Approaches for Machine Learning Based Network Intrusion Detection , 2019, Electronics.

[13]  Jintao Li,et al.  Data-driven software defined network attack detection : State-of-the-art and perspectives , 2020, Inf. Sci..

[14]  Ünal Çavusoglu,et al.  A new hybrid approach for intrusion detection using machine learning methods , 2019, Applied Intelligence.

[15]  Fatih Alagöz,et al.  Defense Mechanisms against DDoS Attacks in SDN Environment , 2017, IEEE Communications Magazine.

[16]  Po-Ching Lin,et al.  An Unsupervised Deep Learning Model for Early Network Traffic Anomaly Detection , 2020, IEEE Access.

[17]  Christos Tachtatzis,et al.  Utilising Deep Learning techniques for effective zero-day attack detection , 2020 .

[18]  Nhien-An Le-Khac,et al.  InSDN: A Novel SDN Intrusion Dataset , 2020, IEEE Access.

[19]  Andreas Hotho,et al.  A Survey of Network-based Intrusion Detection Data Sets , 2019, Comput. Secur..

[20]  Soma Bandyopadhyay,et al.  IoT Healthcare Analytics: The Importance of Anomaly Detection , 2016, 2016 IEEE 30th International Conference on Advanced Information Networking and Applications (AINA).

[21]  Nhien-An Le-Khac,et al.  Machine-Learning Techniques for Detecting Attacks in SDN , 2019, 2019 IEEE 7th International Conference on Computer Science and Network Technology (ICCSNT).

[22]  Alfredo Cuzzocrea,et al.  Interpretable Anomaly Prediction: Predicting anomalous behavior in industry 4.0 settings via regularized logistic regression tools , 2020, Data Knowl. Eng..

[23]  Mounir Ghogho,et al.  Deep Recurrent Neural Network for Intrusion Detection in SDN-based Networks , 2018, 2018 4th IEEE Conference on Network Softwarization and Workshops (NetSoft).

[24]  Zhengmin Kong,et al.  Convolution and Long Short-Term Memory Hybrid Deep Neural Networks for Remaining Useful Life Prognostics , 2019, Applied Sciences.

[25]  Sarra BOUKRIA,et al.  Intrusion detection system for SDN network using deep learning approach , 2019, 2019 International Conference on Theoretical and Applicative Aspects of Computer Science (ICTAACS).

[26]  Nhien-An Le-Khac,et al.  Dealing With COVID-19 Network Traffic Spikes [Cybercrime and Forensics] , 2021, IEEE Security & Privacy.