ML-IDSDN: Machine learning based intrusion detection system for software-defined network

被引:14
|
作者
Alzahrani, Abdulsalam O. [1 ]
Alenazi, Mohammed J. F. [1 ]
机构
[1] King Saud Univ, Dept Comp Engn, CCIS, Riyadh, Saudi Arabia
来源
关键词
DDoS; machine learning; Mininet; network management; performance analysis; probe; Ryu controller; software-defined networking;
D O I
10.1002/cpe.7438
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Software-defined networking (SDN) has been developed to separate network control plane from forwarding plane which can decrease operational costs and the time it takes to deploy new services compared to traditional networks. Despite these advantages, this technology brings threats and vulnerabilities. Consequently, developing high-performance real-time intrusion detection systems (IDSs) to classify malicious activities is a vital part of SDN architecture. This article introduces two created datasets generated from SDN using Mininet and Ryu controller with different feature extraction tools that contain normal traffic and different types of attacks (Fin flood, UDP flood, ICMP flood, OS probe scan, port probe scan, TCP bandwidth flood, and TCP syn flood) that is used for training a number of supervised binary classification machine learning algorithms such as k-nearest neighbor, AdaBoost, decision tree (DT), random forest, naive Bayes, multilayer perceptron, support vector machine, and XGBoost. The DT algorithm has achieved high scores to fit a real-time application achieving F1 score on attack class of 0.9995, F1 score on normal class of 0.9983, and throughput score of 6,737,147.275 samples per second with a total number of three features. In addition, using data preprocessing to reduce the model complexity, thereby increasing the overall throughput to fit a real-time system.
引用
收藏
页数:19
相关论文
共 50 条
  • [1] Network Intrusion Detection in Software-Defined Network using Deep and Machine Learning
    Mhamdi, Lotfi
    Hamdi, Hedi
    Mahmood, Mahmood A.
    [J]. IEEE CONFERENCE ON GLOBAL COMMUNICATIONS, GLOBECOM, 2023, : 2692 - 2697
  • [2] Designing a Network Intrusion Detection System Based on Machine Learning for Software Defined Networks
    Alzahrani, Abdulsalam O.
    Alenazi, Mohammed J. E.
    [J]. FUTURE INTERNET, 2021, 13 (05)
  • [3] Machine Learning Based Intrusion Detection System for Software Defined Networks
    Abubakar, Atiku
    Pranggono, Bernardi
    [J]. 2017 SEVENTH INTERNATIONAL CONFERENCE ON EMERGING SECURITY TECHNOLOGIES (EST), 2017, : 138 - 143
  • [4] Flexible Network-based Intrusion Detection and Prevention System on Software-defined Networks
    An Le
    Phuong Dinh
    Hoa Le
    Ngoc Cuong Tran
    [J]. 2015 INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING AND APPLICATIONS (ACOMP), 2015, : 106 - 111
  • [5] Cyber-Physical System Intrusion Detection Model Based on Software-Defined Network
    Xiao, Yunting
    Liu, Jingyong
    Zhang, Lichen
    [J]. PROCEEDINGS OF 2021 IEEE 12TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND SERVICE SCIENCE (ICSESS), 2021, : 170 - 173
  • [6] Machine Learning-Based Botnet Detection in Software-Defined Network: A Systematic Review
    Shinan, Khlood
    Alsubhi, Khalid
    Alzahrani, Ahmed
    Ashraf, Muhammad Usman
    [J]. SYMMETRY-BASEL, 2021, 13 (05):
  • [7] A kangaroo-based intrusion detection system on software-defined networks
    Yazdinejadna, Abbas
    Parizi, Reza M.
    Dehghantanha, Ali
    Khan, Mohammad S.
    [J]. COMPUTER NETWORKS, 2021, 184
  • [8] An Intrusion Detection System Based on Genetic Algorithm for Software-Defined Networks
    Zhao, Xuejian
    Su, Huiying
    Sun, Zhixin
    [J]. MATHEMATICS, 2022, 10 (21)
  • [9] Intrusion detection systems for software-defined networks: a comprehensive study on machine learning-based techniques
    Mustafa, Zaid
    Amin, Rashid
    Aldabbas, Hamza
    Ahmed, Naeem
    [J]. CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2024, 27 (07): : 9635 - 9661
  • [10] Overhead Reduction Technique for Software-Defined Network Based Intrusion Detection Systems
    Janabi, Ahmed H.
    Kanakis, Triantafyllos
    Johnson, Mark
    [J]. IEEE ACCESS, 2022, 10 : 66481 - 66491