Intrusion detection system for SDN network using deep learning approach

Software Defined Network (SDN) is considered as the main component of the next generation network. Security, in this environment, has very challenges and risks. Attacking SDN controller or injecting false flow rules could affect the network and block the entire services. To enhance the SDN network security, we propose an anomaly-based intrusion detection system using deep learning approach. This solution aims to protect the communication channel between the SDN control layer and the SDN infrastructure layer against false data injection attack, and to detect any attempt of attack in SND southbound side. We analyze the flows that circulate in the SDN network, we use the logarithm function followed by the Min/Max scalar technique to normalize the flows features. For the flow classification, we exploit the Relu and Softmax functions. We test the proposed system with CICIDS2017 dataset on an experimental platform combining Mininet environment and ONOS controller. The evaluation results demonstrate the effectiveness and efficiency of the proposed security solution.

[1]  Xiaolin Li,et al.  Detection and defense of DDoS attack–based on deep learning in OpenFlow‐based SDN , 2018, Int. J. Commun. Syst..

[2]  David J. Day,et al.  A performance analysis of Snort and Suricata Network Intrusion Detection and Prevention Engines , 2011, ICDS 2011.

[3]  Sanjay Jha,et al.  A Survey of Securing Networks Using Software Defined Networking , 2015, IEEE Transactions on Reliability.

[4]  Ian Witten,et al.  Data Mining , 2000 .

[5]  Deepak Puthal,et al.  Everything You Wanted to Know About the Blockchain: Its Promise, Components, Processes, and Problems , 2018, IEEE Consumer Electronics Magazine.

[6]  Karl Rihaczek,et al.  1. WHAT IS DATA MINING? , 2019, Data Mining for the Social Sciences.

[7]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[8]  Ahmad Y. Javaid,et al.  A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN) , 2016, EAI Endorsed Trans. Security Safety.

[9]  Sakir Sezer,et al.  Sdn Security: A Survey , 2013, 2013 IEEE SDN for Future Networks and Services (SDN4FNS).

[10]  Ali A. Ghorbani,et al.  Toward developing a systematic approach to generate benchmark datasets for intrusion detection , 2012, Comput. Secur..

[11]  Andrei V. Gurtov,et al.  Security in Software Defined Networks: A Survey , 2015, IEEE Communications Surveys & Tutorials.

[12]  Ali A. Ghorbani,et al.  Towards a Reliable Intrusion Detection Benchmark Dataset , 2017 .

[13]  Ailton Akira Shinoda,et al.  Using Mininet for emulation and prototyping Software-Defined Networks , 2014, 2014 IEEE Colombian Conference on Communications and Computing (COLCOM).

[14]  Mounir Ghogho,et al.  Deep learning approach for Network Intrusion Detection in Software Defined Networking , 2016, 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM).

[15]  Fernando M. V. Ramos,et al.  Software-Defined Networking: A Comprehensive Survey , 2014, Proceedings of the IEEE.

[16]  Guigang Zhang,et al.  Deep Learning , 2016, Int. J. Semantic Comput..

[17]  Danda B. Rawat,et al.  Software Defined Networking Architecture, Security and Energy Efficiency: A Survey , 2017, IEEE Communications Surveys & Tutorials.

[18]  Thomas G. Dietterich What is machine learning? , 2020, Archives of Disease in Childhood.

[19]  Mounir Ghogho,et al.  Deep Recurrent Neural Network for Intrusion Detection in SDN-based Networks , 2018, 2018 4th IEEE Conference on Network Softwarization and Workshops (NetSoft).

[20]  K. Okamura,et al.  Leveraging SDN for Detection and Mitigation SMTP Flood Attack through Deep Learning Analysis Techniques , 2017 .