Network Traffic Feature Behaviour Augmentation Fusion based Attacks Classification for Intrusion Detection System in SDN Framework
Abstract
The implementation of Software-Defined Network
(SDN) across multiple data centers aims to simplify the
control and management of networks. However, the increasing
popularity of SDN has also attracted the attention of attackers.
To tackle this problem, it is essential to have an intrusion
detection system (IDS) in place, which plays a crucial role in
cybersecurity by addressing external threats. The advantage
of SDN’s centralized nature is that it facilitates the training of
an IDS based on machine learning. However, there is a scarcity
of research specifically focused on intrusion detection in SDN.
Existing literature often treats SDN intrusion detection as
similar to traditional computer systems and relies on intrusion
datasets generated for those systems. We explore the issue
of intrusion detection in SDN using the most recent public
dataset (InSDN). However, InSDN is an imbalanced data set.
In this paper, we have recommended a method to balance the
data as well as a method to find the best features to improve
the quality of IDS using Machine Learning. In addition, we
also suggest a method of classifying SDN network traffic and
normal network traffic. At the same time, we also evaluate the
efficiency of the SDN system with the load balancing system
and without the load balancing system.
References
J. A. Sava, “Software-defined networking (sdn) market size worldwide from 2021 to 2027,” Available at https://
www.statista.com/statistics/468636/global-sdn-market-size/(2023/25/5).
A. Chawla, B. Lee, S. Fallon, and P. Jacob, “Host based intrusion detection system with combined cnn/rnn model,” in ECML PKDD 2018 Workshops, C. Alzate, A. Monreale, H. Assem, A. Bifet, T. S. Buda, B. Caglayan, B. Drury, E. Garc´ıa-Mart´ın, R. Gavald`a, I. Koprinska, S. Kramer, N. Lavesson, M. Madden, I. Molloy, M.-I. Nicolae, and M. Sinn, Eds. Cham: Springer International Publishing, 2019, pp. 149–158.
Y. Al-Nashif, A. A. Kumar, S. Hariri, Y. Luo, F. Szidarovsky, and G. Qu, “Multi-level intrusion detection system (ml-ids),” in 2008 International Conference on Autonomic Computing, 2008, pp. 131–140.
S. S. Gopalan, D. Ravikumar, D. Linekar, A. Raza, and M. Hasib, “Balancing approaches towards ml for ids: A
survey for the cse-cic ids dataset,” in 2020 International Conference on Communications, Signal Processing, and
their Applications (ICCSPA), 2021, pp. 1–6.
A. S. Dina and D. Manivannan, “Intrusion detection based on machine learning techniques in computer networks,” Internet of Things, vol. 16, p. 100462, 2021. [Online]. Available: https://www.sciencedirect.com/science/article/pii/ S2542660521001037
P. Parkar and A. Bilimoria, “A survey on cyber security ids using ml methods,” in 2021 5th International Conference on Intelligent Computing and Control Systems (ICICCS), 2021, pp. 352–360.
M. Almgren and E. Jonsson, “Using active learning in intrusion detection,” in Proceedings. 17th IEEE Computer
Security Foundations Workshop, 2004., 2004, pp. 88–98.
M. S. Elsayed, N.-A. Le-Khac, and A. D. Jurcut, “Insdn: A novel sdn intrusion dataset,” IEEE Access, vol. 8, pp.
263–165 284, 2020.
S. Wang, J. F. Balarezo, K. G. Chavez, A. Al-Hourani, S. Kandeepan, M. R. Asghar, and G. Russello, “Detecting
flooding ddos attacks in software defined networks using supervised learning techniques,” Engineering Science and Technology, an International Journal, vol. 35, p. 101176, 2022. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S2215098622000842
N. N. Tuan, P. H. Hung, N. D. Nghia, N. V. Tho, T. V. Phan, and N. H. Thanh, “A ddos attack mitigation
scheme in isp networks using machine learning based on sdn,” Electronics, vol. 9, no. 3, 2020. [Online]. Available:
https://www.mdpi.com/2079-9292/9/3/413
N. S. Shamim Towhid, “Early detection of intrusion in sdn,” Available at https://uregina.ca/∼nss373/papers/
Early-detection-SDN.pdf (2023/25/5).
M. R. Ahmed, salekul Islam, S. Shatabda, A. K. M. M.Islam, and M. T. I. Robin, “Intrusion Detection System in Software-Defined Networks Using Machine Learning and Deep Learning Techniques –A Comprehensive Survey,” 12 2021. [Online]. Available: https://www.techrxiv.org/articles/preprint/Intrusion Detection System in Software-Defined Networks Using Machine Learning and Deep Learning Techniques A Comprehensive Survey/17153213
A. Bhardwaj, R. Tyagi, N. Sharma, A. Khare, M. S. Punia, and V. K. Garg, “Network intrusion detection in software defined networking with self-organized constraint-based intelligent learning framework,” Measurement: Sensors, vol. 24, p. 100580, 2022. [Online]. Available: https://www.
sciencedirect.com/science/article/pii/S2665917422002148
S. Dahiya, V. Siwach, and H. Sehrawat, “Review of ai techniques in development of network intrusion detection system in sdn framework,” in 2021 International Conference on Computational Performance Evaluation (ComPE), 2021, pp. 168–174.
N. Sultana, N. Chilamkurti, W. Peng, and R. Alhadad,“Survey on sdn based network intrusion detection system using machine learning approaches,” Peer-to-Peer Networking and Applications, vol. 12, no. 2, pp. 493–501, Mar 2019. [Online]. Available: https://doi.org/10.1007/s12083-017-0630-0
M. R. Hadi and A. S. Mohammed, “A novel approach to network intrusion detection system using deep learning for SDN: Futuristic approach,” in Machine Learning & Applications. Academy and Industry Research
Collaboration Center (AIRCC), jun 2022. [Online]. Available: https://doi.org/10.5121%2Fcsit.2022.121106
M. S. Towhid and N. Shahriar, “Early detection of intrusion in sdn,” in NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, 2023, pp. 1–6.
M. S. ElSayed, N.-A. Le-Khac, M. A. Albahar, and A. Jurcut, “A novel hybrid model for intrusion detection
systems in sdns based on cnn and a new regularization technique,” Journal of Network and Computer Applications, vol. 191, p. 103160, 2021. [Online]. Available: https://www. sciencedirect.com/science/article/pii/S1084804521001739
S. Ray, “A quick review of machine learning algorithms,” in 2019 International Conference on Machine Learning, BigData, Cloud and Parallel Computing (COMITCon), 2019, pp. 35–39.
P. Jeatrakul, K. W. Wong, and C. C. Fung, “Classification of imbalanced data by combining the complementary neural network and smote algorithm,” in Neural Information Processing. Models and Applications, K. W. Wong, B. S. U.Mendis, and A. Bouzerdoum, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 152–159.
N. Chawla, K. Bowyer, L. Hall, and W. Kegelmeyer, “Smote: Synthetic minority over-sampling technique,” J. Artif. Intell. Res. (JAIR), vol. 16, pp. 321–357, 06 2002.
G. Douzas and F. Bacao, “Geometric smote a geometrically enhanced drop-in replacement for smote,” Information Sciences, vol. 501, pp. 118–135, 2019. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0020025519305353
Z. Wang, J. Hu, G. Min, Z. Zhao, and J. Wang, “Dataaugmentation-based cellular traffic prediction in edgecomputing- enabled smart city,” IEEE Transactions on Industrial Informatics, vol. 17, no. 6, pp. 4179–4187, 2021.
G. Lemaˆıtre, F. Nogueira, and C. K. Aridas, “Imbalancedlearn: A python toolbox to tackle the curse of imbalanced datasets in machine learning,” Journal of Machine Learning Research, vol. 18, no. 17, pp. 1–5, 2017. [Online]. Available: http://jmlr.org/papers/v18/16-365
T. Hastie, R. Tibshirani, and J. Friedman, The elements of statistical learning: data mining, inference and prediction, 2nd ed. Springer, 2009. [Online]. Available: http://www-stat.stanford.edu/∼tibs/ElemStatLearn/