Skip to main content
SpringerLink
Log in

Enhanced Machine Learning-Based SDN Controller Framework for Securing IoT Networks

  • Conference paper
  • First Online:
Advanced Information Networking and Applications (AINA 2023)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 655))

  • 631 Accesses

Abstract

The Internet of Things (IoT) ecosystem consists of interconnected devices that work together. It facilitates communication between devices, real-time data exchange and cloud computing. The occurrence risk of cyber attacks grows exponentially with these interconnected systems. Devices, networks and data could easily come under attack, wherefore they become vulnerable and could be compromised by hackers. To address this problem, we propose an enhanced Framework used on Software Defined Network (SDN) environment-based Intrusion Detection System (IDS) for securing IoT devices from malicious activity. We implement the machine learning (ML) method as part of the SDN controller's Network Intrusion Detection System (NIDS). Our enhanced ML-based SDN Controller Framework (Improved ML-SDN) classify the data traffic and makes a real-time prediction. It is based on K-Nearest Neighbor (kNN) supervised learning algorithm with others improving model Accuracy. It has produced an accuracy of 99.7%, 0.02304 s of building model time, 0.2997 s of detection time and a false alarm rate (FAR) of 0.34%.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 229.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 299.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Liatifis, A., Sarigiannidis, P., Argyriou, V., Lagkas, T.: Advancing SDN: from OpenFlow to P4, a survey. ACM Computing Surveys (CSUR) (2022)

    Google Scholar 

  2. Manguri, K.H., Omer, S.M.: SDN for IoT environment: a survey and research challenges. In: ITM Web of Conferences, vol. 42, p. 01005. EDP Sciences (2022)

    Google Scholar 

  3. Karmous, N., Aoueileyine, M.-E., Abdelkader, M., Youssef, N.: A proposed intrusion detection method based on machine learning used for internet of things systems. In: Barolli, L., Hussain, F., Enokido, T. (eds.) Advanced Information Networking and Applications. LNNS, vol. 451, pp. 33–45. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-99619-2_4

    Chapter  Google Scholar 

  4. Gad, A.R., Nashat, A.A., Barkat, T.M.: Intrusion detection system using machine learning for vehicular ad hoc networks based on ToN-IoT dataset. IEEE Access 9, 142206–142217 (2021)

    Article  Google Scholar 

  5. Malhotra, P., et al.: Internet of things: evolution,concerns and security challenges. Sensors. 21(5), 1809 (2021)

    Google Scholar 

  6. Dietz, K., Gray, N., Seufert, M., Hossfeld, T.: ML-based performance prediction of SDN using simulated data from real and syntheticnetworks. In: NOMS 2022–2022 IEEE/IFIP Network Operations and Management Symposium, pp. 1–7. IEEE, April 2022

    Google Scholar 

  7. Kim, T., Pak, W.: Robust network intrusion detection system based on machine-learning with early classification. IEEE Access 10, 10754–10767 (2022)

    Article  Google Scholar 

  8. NSL-KDD | Datasets | Research | Canadian Institute for Cybersecurity | UNB, 2017. http://www.unb.ca/cic/datasets/nsl.html

  9. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.: A detailed analysis of the KDD CUP 99 data set. In: Second IEEE Symposium on Computational Intelligence for Security and Defense Applications (CISDA) (2009)

    Google Scholar 

  10. What is a DDoS Attack? - DDoS Meaning. usa.kaspersky.com. 2021–01–13. Accessed 05 Sep 2021

    Google Scholar 

  11. Ambedkar, C., Kishore Babu, V.: Detection of probe attacks using machine learning techniques. Int. J. Res. Stud. Comput. Sci. Eng. (IJRSCSE) 2(3), 25–29 (2015)

    Google Scholar 

  12. Revathi, S., Malathi, A.: Detecting user-to-root (U2R) attacks based on various machine learning techniques. Int. J. Adv. Res. Comput. Commun. Eng . 3(4), 6322–6324 (2014)

    Google Scholar 

  13. Ahmad, I.,Abdullah, A.B., Alghamdi, A.S.: Remote to local attack detection using supervised neural network. In: 2010 International Conference for Internet Technology and Secured Transactions. IEEE (2010)

    Google Scholar 

  14. Alzahrani, A.O., Alenazi, M.J.F.: Designing a network intrusion detection system based on machine learning for software defined networks. Future Internet. 13(5), 111 (2021). https://doi.org/10.3390/fi13050111

  15. Mitchell, R., Frank, E.: Accelerating the XGBoost algorithm using GPU computing. PeerJ. Comput. Sci. 3, e127 (2017)

    Article  Google Scholar 

  16. Charbuty, B., Abdulazeez, A.: Classification based on decision tree algorithm for machine learning. J. Appl. Sci. Technol. Trends 2(01), 20–28 (2021)

    Article  Google Scholar 

  17. Batra, R., Mahajan, M., Goel, A.: Implementation of SDN-Based Feature Selection Approaches on NSL-KDD Dataset for Anomaly Detection

    Google Scholar 

  18. Denisko, D., Hoffman, M.M.: Classification and interaction in random forests. Proc. Natl. Acad. Sci. USA. 115(8), 1690–1692 (2018). https://doi.org/10.1073/pnas.1800256115. PMC 5828645. PMID 29440440

  19. Bhargava, N., et al.: Decision tree analysis on j48 algorithm for data mining. In: Proceedings of International Journal of Advanced Research in Computer Science and Software Engineering, vol. 3.6 (2013)

    Google Scholar 

  20. Heckerman, D.: A Tutorial on Learning with Bayesian Networks. Innovations Bayesian Network, pp. 33–82(2008)

    Google Scholar 

  21. Wickramasinghe, I., Kalutarage, H.: Naive Bayes: applications, variations and vulnerabilities: a review of literature with code snippets for implementation. Soft. Comput. 25(3), 2277–2293 (2020). https://doi.org/10.1007/s00500-020-05297-6

    Article  Google Scholar 

  22. Chenou, J., Hsieh, G., Fields, T.: Radial basis function network: its robustness and ability to mitigate adversarial examples." In: 2019 International Conference on Computational Science and Computational Intelligence (CSCI). IEEE (2019)

    Google Scholar 

  23. Hadi, M.R., Mohammed, A.S.: A novel approach to network intrusion detection system using deep learning for SDN: Futuristic approach.“ arXiv preprint arXiv:2208.02094 (2022)

  24. Khan, A., Chase, C.: Detecting attacks on IoT devices using featureless 1D-CNN. In: 2021 IEEE International Conference on Cyber Security and Resilience(CSR). IEEE (2021)

    Google Scholar 

  25. Swarnalatha, G.: Detect and classify the unpredictable cyber-attacks by using DNN model. Turkish J. Comput. Math. Educ. (TURCOMAT) 12(6), 74–81 (2021)

    Google Scholar 

  26. Park, S.H., Hyun, J.P., Young-June, C.: RNN-based prediction for network intrusion detection. In: 2020 International Conference on Artificial Intelligence in Information and Communication (ICAIIC). IEEE (2020)

    Google Scholar 

  27. Hochreiter, S., Schmidhuber, J.: ‘Long short-term memory.’ Neural Comput. 9(8), 1735–1780 (1997)

    Article  Google Scholar 

  28. Kasongo, S.M., Sun, Y.: A deep gated recurrent unit based model for wireless intrusion detection system.“ ICT Express. 7(1), 81–87 (2021)

    Google Scholar 

  29. Sood, M.: SDN and mininet: some basic concepts. Int. J. Adv. Netw. Appl. 7(2), 2690 (2015)

    MathSciNet  Google Scholar 

  30. Asadollahi, S., Goswami, B., Sameer, M.: Ryu controller's scalability experiment on software-defined networks. In: 2018 IEEE International Conference on Current Trends in Advanced Computing (ICCTAC). IEEE (2018)

    Google Scholar 

  31. Gupta, N., Maashi, M.S., Tanwar, S., Badotra, S., Aljebreen, M., Bharany, S.: A comparative study of software defined networking controllers using Mininet. Electronics 11, 2715 (2022). https://doi.org/10.3390/electronics11172715

    Article  Google Scholar 

  32. Shang, Z.: Performance Evaluation of the Control Plane in OpenFlow Networks.Freie Universitaet Berlin, Germany (2019)

    Google Scholar 

  33. Kurita, T.: Principal component analysis (PCA). In: Computer Vision: A Reference Guide, pp. 1–4 (2019)

    Google Scholar 

  34. Alfarshouti, A.M., Almutairi, S.M.: An intrusion detection system in IoT environment using KNN and SVM classifiers. Webology 19(1), 3500–3517 (2022). https://doi.org/10.14704/WEB/V19I1/WEB19231

    Article  Google Scholar 

  35. Salih, A.A., Abdulazeez, A.M.: Evaluation of classification algorithms for intrusion detection system: a review. J. Soft Comput. Data Min. 02(01), 31–40 (2021). https://doi.org/10.30880/jscdm.2021.02.01.004

    Article  Google Scholar 

  36. Syamsuddin, I., Barukab, O.M.: SUKRY: Suricata IDS with enhanced kNN algorithm on raspberry Pi for classifying IoT botnet attacks. Electron. 11(5), 737 (2022)

    Google Scholar 

  37. Alhammadi, M., Ali, N.: Comparative study between (SVM) and (KNN) classifiers by using (PCA) to improve intrusion detection system. Iraqi J. Intell. Comput. Inform. (IJICI). 1(1), 22–33 (2022)

    Google Scholar 

  38. Rhohim, A., Vera, S., Muhammad Arief, N.: Denial of service traffic validation using K-fold cross-validation on software-defined network. eProc. Eng. 8(5), 1–10 (2021)

    Google Scholar 

  39. Godalle, E.: How to find optimal parameters using GridSearchCV in ML in python, 1 January 2023. https://www.projectpro.io/recipes/find-optimal-parameters-using-gridsearchcv

  40. Kilincer, I.F., Ertam, F., Sengur, A.: Machine learning methods for cyber security intrusion detection: datasets and comparative study. Comput. Netw. 188, 107840 (2021). https://doi.org/10.1016/j.comnet.2021.107840

  41. Sarker, I.H.: CyberLearning: effectiveness analysis of machine learning security modelling to detect cyber-anomalies and multi-attacks. Internet of Things. 14, 100393 (2021). https://doi.org/10.1016/j.iot.2021.100393

  42. Karmous, N., Aoueileyine, M.O.-E., Abdelkader, M., Youssef, N.: IoT real-time attacks classification framework using machine learning. In: 2022 IEEE Ninth International Conference on Communications and Networking (ComNet), pp. 1–5 (2022).https://doi.org/10.1109/ComNet55492.2022.9998441

Download references

Author information

Authors and Affiliations

  1. InnovCOM Laboratory, SUPCOM, Carthage University, Kenosha, Tunisia

    Neder Karmous, Mohamed Ould-Elhassen Aoueileyine, Manel Abdelkader & Neji Youssef

Authors
  1. Neder Karmous
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohamed Ould-Elhassen Aoueileyine
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Manel Abdelkader
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Neji Youssef
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Neder Karmous , Mohamed Ould-Elhassen Aoueileyine , Manel Abdelkader or Neji Youssef .

Editor information

Editors and Affiliations

  1. Department of Information and Communication Engineering, Faculty of Information Engineering, Fukuoka Institute of Technology, Fukuoka, Japan

    Leonard Barolli

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Karmous, N., Aoueileyine, M.OE., Abdelkader, M., Youssef, N. (2023). Enhanced Machine Learning-Based SDN Controller Framework for Securing IoT Networks. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2023. Lecture Notes in Networks and Systems, vol 655. Springer, Cham. https://doi.org/10.1007/978-3-031-28694-0_6

Download citation

Publish with us

Policies and ethics

Search

Navigation