Deep Recurrent Neural Network for Intrusion Detection in SDN-based Networks

Software Defined Networking (SDN) has emerged as a key enabler for future agile Internet architecture. Nevertheless, the flexibility provided by SDN architecture manifests several new design issues in terms of network security. These issues must be addressed in a unified way to strengthen overall network security for future SDN deployments. Consequently, in this paper, we propose a Gated Recurrent Unit Recurrent Neural Network (GRU-RNN) enabled intrusion detection systems for SDNs. The proposed approach is tested using the NSL-KDD dataset, and we achieve an accuracy of 89% with only six raw features. Our experiment results also show that the proposed GRU-RNN does not deteriorate the network performance. Through extensive experiments, we conclude that the proposed approach exhibits a strong potential for intrusion detection in the SDN environments.

[1]  Zhihan Lv,et al.  Modeling network traffic for traffic matrix estimation and anomaly detection based on Bayesian network in cloud computing networks , 2017, Ann. des Télécommunications.

[2]  Ahmed Toumanari,et al.  Survey of Security in Software-Defined Network , 2017 .

[3]  June-ho Bang,et al.  Anomaly detection of network-initiated LTE signaling traffic in wireless sensor and actuator networks based on a Hidden semi-Markov Model , 2017, Comput. Secur..

[4]  Izzat Alsmadi,et al.  Identifying cyber-attacks on software defined networks: An inference-based intrusion detection approach , 2017, J. Netw. Comput. Appl..

[5]  Moses Garuba,et al.  Big Data Analytics for User-Activity Analysis and User-Anomaly Detection in Mobile Wireless Network , 2017, IEEE Transactions on Industrial Informatics.

[6]  Ahmad Y. Javaid,et al.  A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN) , 2016, EAI Endorsed Trans. Security Safety.

[7]  Mounir Ghogho,et al.  Deep learning approach for Network Intrusion Detection in Software Defined Networking , 2016, 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM).

[8]  Truong Thu Huong,et al.  OpenFlowSIA: An optimized protection scheme for software-defined networks from flooding attacks , 2016, 2016 IEEE Sixth International Conference on Communications and Electronics (ICCE).

[9]  Cherukuri Aswani Kumar,et al.  Improving Accuracy of Intrusion Detection Model Using PCA and optimized SVM , 2016, J. Comput. Inf. Technol..

[10]  Timothy Dozat,et al.  Incorporating Nesterov Momentum into Adam , 2016 .

[11]  Marc St-Hilaire,et al.  Early detection of DDoS attacks against SDN controllers , 2015, 2015 International Conference on Computing, Networking and Communications (ICNC).

[12]  Yoshua Bengio,et al.  Empirical Evaluation of Gated Recurrent Neural Networks on Sequence Modeling , 2014, ArXiv.

[13]  S. Thamarai Selvi,et al.  DDoS detection and analysis in SDN-based environment using support vector machine classifier , 2014, 2014 Sixth International Conference on Advanced Computing (ICoAC).

[14]  Yoshua Bengio,et al.  Learning Phrase Representations using RNN Encoder–Decoder for Statistical Machine Translation , 2014, EMNLP.

[15]  Fernando M. V. Ramos,et al.  Towards secure and dependable software-defined networks , 2013, HotSDN '13.

[16]  Syed Ali Khayam,et al.  Revisiting Traffic Anomaly Detection Using Software Defined Networking , 2011, RAID.

[17]  Gaël Varoquaux,et al.  Scikit-learn: Machine Learning in Python , 2011, J. Mach. Learn. Res..

[18]  Rodrigo Braga,et al.  Lightweight DDoS flooding attack detection using NOX/OpenFlow , 2010, IEEE Local Computer Network Conference.

[19]  Vern Paxson,et al.  Outside the Closed World: On Using Machine Learning for Network Intrusion Detection , 2010, 2010 IEEE Symposium on Security and Privacy.

[20]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[21]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[22]  Jürgen Schmidhuber,et al.  Long Short-Term Memory , 1997, Neural Computation.

[23]  Jim Esch,et al.  Software-Defined Networking: A Comprehensive Survey , 2015, Proc. IEEE.

[24]  Yoshua Bengio,et al.  Gradient Flow in Recurrent Nets: the Difficulty of Learning Long-Term Dependencies , 2001 .