Voting-based intrusion detection framework for securing software-defined networks

Software-defined networking (SDN) is an emerging paradigm in enterprise networks because of its flexible and cost-effective nature. By decoupling control and data plane, SDN can provide various defense solutions for securing futuristic networks. However, the architectural design and characteristics of SDN attract several severe attacks. Distributed denial of service (DDoS) is considered as a major destructive cyber attack that makes the services of controller unavailable for its legitimate users. In this research article, an intrusion detection framework is proposed to detect DDoS attacks against SDN. The proposed framework relies on voting-based ensemble model for the attack detection. Ensemble model is a combination of multiple machine learning classifiers for prediction of final results. In this research article, we propose and analyze three ensemble models named as Voting-CMN, Voting-RKM, and Voting-CKM particularly to benchmarking datasets such as UNSW-NB15, CICIDS2017, and NSL-KDD, respectively. For validation of the proposed models, a cross-validation technique is used with the prediction algorithms. The effectiveness of proposed models is evaluated in terms of prominent metrics (accuracy, precision, recall, and F-measure). Experimental results indicate that the proposed models achieve better performance in terms of accuracy as compared with other existing models.