Abstract
This paper presents deep learning models for binary and multiclass intrusion classification problems in Software-defined-networks (SDN). The induced models are evaluated by the state-of-the-art dataset, InSDN. We applied Convolutional Autoencoder (CNN-AE) for high-level feature extraction, and Multi-Layer Perceptron (MLP) for classification that delivers high-performance metrics of F1-score, accuracy and recall compared to similar studies. Highly imbalanced datasets such as InSDN underperform in detecting the instances belonging to the minority class. We use Synthetic Minority Oversampling Technique (SMOTE) to address dataset imbalance and observe a significant detection enhancement in the detection of minority classes.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abdallah, M., An Le Khac, N., Jahromi, H., Delia Jurcut, A.: A hybrid CNN-LSTM based approach for anomaly detection systems in SDNs. In: The 16th International Conference on Availability, Reliability and Security, pp. 1–7 (2021)
Alshra’a, A.S., Farhat, A., Seitz, J.: Deep learning algorithms for detecting denial of service attacks in software-defined networks. Procedia Comput. Sci. 191, 254–263 (2021)
Bengio, Y., LeCun, Y., et al.: Scaling learning algorithms towards AI. Large-scale Kernel Mach. 34(5), 1–41 (2007)
Chawla, N.V.: Data mining for imbalanced datasets: an overview. In: Maimon, O., Rokach, L. (eds.) Data Mining and Knowledge Discovery Handbook, pp. 875–886. Springer, Boston (2009). https://doi.org/10.1007/978-0-387-09823-4_45
Chawla, N.V., Bowyer, K.W., Hall, L.O., Kegelmeyer, W.P.: Smote: synthetic minority over-sampling technique. J. Artif. Intell. Res. 16, 321–357 (2002)
Divekar, A., Parekh, M., Savla, V., Mishra, R., Shirole, M.: Benchmarking datasets for anomaly-based network intrusion detection: KDD CUP 99 alternatives. In: 2018 IEEE 3rd International Conference on Computing, Communication and Security (ICCCS), pp. 1–8. IEEE (2018)
Elsayed, M.S., Jahromi, H.Z., Nazir, M.M., Jurcut, A.D.: The role of CNN for intrusion detection systems: an improved CNN learning approach for SDNs. In: Perakovic, D., Knapcikova, L. (eds.) FABULOUS 2021. LNICST, vol. 382, pp. 91–104. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-78459-1_7
Elsayed, M.S., Le-Khac, N.A., Jurcut, A.D.: InSDN: A novel SDN intrusion dataset. IEEE Access 8, 165263–165284 (2020)
Jain, S., et al.: B4: experience with a globally-deployed software defined wan. ACM SIGCOMM Comput. Commun. Rev. 43(4), 3–14 (2013)
Margineantu, D.: Building ensembles of classifiers for loss minimization. Comput. Sci. Stat., 190–194 (1999)
Niyaz, Q., Sun, W., Javaid, A.Y.: A deep learning based DDoS detection system in software-defined networking (SDN). arXiv preprint arXiv:1611.07400 (2016)
Paszke, A., et al.: Pytorch: an imperative style, high-performance deep learning library. In: Wallach, H., Larochelle, H., Beygelzimer, A., d’ Alché-Buc, F., Fox, E., Garnett, R. (eds.) Advances in Neural Information Processing Systems, vol. 32, pp. 8024–8035. Curran Associates, Inc. (2019). http://papers.neurips.cc/paper/9015-pytorch-an-imperative-style-high-performance-deep-learning-library.pdf
Provost, F., Fawcett, T.: Robust classification for imprecise environments. Mach. Learn. 42(3), 203–231 (2001)
Shinan, K., Alsubhi, K., Alzahrani, A., Ashraf, M.U.: Machine learning-based botnet detection in software-defined network: a systematic review. Symmetry 13(5) (2021). https://doi.org/10.3390/sym13050866. https://www.mdpi.com/2073-8994/13/5/866
Tang, T.A., Mhamdi, L., McLernon, D., Zaidi, S.A.R., Ghogho, M.: Deep recurrent neural network for intrusion detection in SDN-based networks. In: 2018 4th IEEE Conference on Network Softwarization and Workshops (NetSoft), pp. 202–206. IEEE (2018)
Tariq, F., Baig, S.: Botnet classification using centralized collection of network flow counters in software defined networks. Int. J. Comput. Sci. Inf. Secur. 14(8), 1075 (2016)
Tariq, F., Baig, S.: Machine learning based botnet detection in software defined networks. Int. J. Secur. Appl 11(11), 1–12 (2017)
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6. IEEE (2009)
Tayfour, O.E., Marsono, M.N.: Collaborative detection and mitigation of DDoS in software-defined networks. J. Supercomput. 77(11), 13166–13190 (2021)
Wagner, D., et al.: United we stand: collaborative detection and mitigation of amplification DDoS attacks at scale. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 970–987 (2021)
Yang, L., Zhao, H.: DDoS attack identification and defense using SDN based on machine learning method. In: 2018 15th International Symposium on Pervasive Systems, Algorithms and Networks (I-SPAN), pp. 174–178. IEEE (2018)
Yap, K.K., et al.: Taking the edge off with espresso: scale, reliability and programmability for global internet peering. In: Proceedings of the Conference of the ACM Special Interest Group on Data Communication, pp. 432–445 (2017)
Acknowledgement
This work is partially funded by the European Union’s Horizon 2020 Research and Innovation Programme through ECHO (https://echonetwork.eu/) project under Grant Agreement No. 830943.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Mirsadeghi, S.M.H., Bahsi, H., Inbouli, W. (2023). Deep Learning-Based Detection of Cyberattacks in Software-Defined Networks. In: Goel, S., Gladyshev, P., Nikolay, A., Markowsky, G., Johnson, D. (eds) Digital Forensics and Cyber Crime. ICDF2C 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 508. Springer, Cham. https://doi.org/10.1007/978-3-031-36574-4_20
Download citation
DOI: https://doi.org/10.1007/978-3-031-36574-4_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-36573-7
Online ISBN: 978-3-031-36574-4
eBook Packages: Computer ScienceComputer Science (R0)