An Intrusion Detection System Based on Genetic Algorithm for Software-Defined Networks

A SDN (Software-Defined Network) separates the control layer from the data layer to realize centralized network control and improve the scalability and the programmability. SDN also faces a series of security threats. An intrusion detection system (IDS) is an effective means of protecting communication networks against traffic attacks. In this paper, a novel IDS model for SDN is proposed to collect and analyze the traffic which is generally at the control plane. Moreover, network congestion will occur when the amount of data transferred reaches the data processing capacity of the IDS. The suggested IDS model addresses this problem with a probability-based traffic sampling method in which the genetic algorithm (GA) is used to approach the sampling probability of each sampling point. According to the simulation results, the suggested IDS model based on GA is capable of enhancing the detection efficiency in SDNs.