Skip to main content
SpringerLink
Log in

Deep Learning-Based Detection of Cyberattacks in Software-Defined Networks

  • Conference paper
  • First Online:
Digital Forensics and Cyber Crime (ICDF2C 2022)

Included in the following conference series:

Abstract

This paper presents deep learning models for binary and multiclass intrusion classification problems in Software-defined-networks (SDN). The induced models are evaluated by the state-of-the-art dataset, InSDN. We applied Convolutional Autoencoder (CNN-AE) for high-level feature extraction, and Multi-Layer Perceptron (MLP) for classification that delivers high-performance metrics of F1-score, accuracy and recall compared to similar studies. Highly imbalanced datasets such as InSDN underperform in detecting the instances belonging to the minority class. We use Synthetic Minority Oversampling Technique (SMOTE) to address dataset imbalance and observe a significant detection enhancement in the detection of minority classes.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Abdallah, M., An Le Khac, N., Jahromi, H., Delia Jurcut, A.: A hybrid CNN-LSTM based approach for anomaly detection systems in SDNs. In: The 16th International Conference on Availability, Reliability and Security, pp. 1–7 (2021)

    Google Scholar 

  2. Alshra’a, A.S., Farhat, A., Seitz, J.: Deep learning algorithms for detecting denial of service attacks in software-defined networks. Procedia Comput. Sci. 191, 254–263 (2021)

    Article  Google Scholar 

  3. Bengio, Y., LeCun, Y., et al.: Scaling learning algorithms towards AI. Large-scale Kernel Mach. 34(5), 1–41 (2007)

    Google Scholar 

  4. Chawla, N.V.: Data mining for imbalanced datasets: an overview. In: Maimon, O., Rokach, L. (eds.) Data Mining and Knowledge Discovery Handbook, pp. 875–886. Springer, Boston (2009). https://doi.org/10.1007/978-0-387-09823-4_45

    Chapter  Google Scholar 

  5. Chawla, N.V., Bowyer, K.W., Hall, L.O., Kegelmeyer, W.P.: Smote: synthetic minority over-sampling technique. J. Artif. Intell. Res. 16, 321–357 (2002)

    Article  MATH  Google Scholar 

  6. Divekar, A., Parekh, M., Savla, V., Mishra, R., Shirole, M.: Benchmarking datasets for anomaly-based network intrusion detection: KDD CUP 99 alternatives. In: 2018 IEEE 3rd International Conference on Computing, Communication and Security (ICCCS), pp. 1–8. IEEE (2018)

    Google Scholar 

  7. Elsayed, M.S., Jahromi, H.Z., Nazir, M.M., Jurcut, A.D.: The role of CNN for intrusion detection systems: an improved CNN learning approach for SDNs. In: Perakovic, D., Knapcikova, L. (eds.) FABULOUS 2021. LNICST, vol. 382, pp. 91–104. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-78459-1_7

    Chapter  Google Scholar 

  8. Elsayed, M.S., Le-Khac, N.A., Jurcut, A.D.: InSDN: A novel SDN intrusion dataset. IEEE Access 8, 165263–165284 (2020)

    Article  Google Scholar 

  9. Jain, S., et al.: B4: experience with a globally-deployed software defined wan. ACM SIGCOMM Comput. Commun. Rev. 43(4), 3–14 (2013)

    Article  Google Scholar 

  10. Margineantu, D.: Building ensembles of classifiers for loss minimization. Comput. Sci. Stat., 190–194 (1999)

    Google Scholar 

  11. Niyaz, Q., Sun, W., Javaid, A.Y.: A deep learning based DDoS detection system in software-defined networking (SDN). arXiv preprint arXiv:1611.07400 (2016)

  12. Paszke, A., et al.: Pytorch: an imperative style, high-performance deep learning library. In: Wallach, H., Larochelle, H., Beygelzimer, A., d’ Alché-Buc, F., Fox, E., Garnett, R. (eds.) Advances in Neural Information Processing Systems, vol. 32, pp. 8024–8035. Curran Associates, Inc. (2019). http://papers.neurips.cc/paper/9015-pytorch-an-imperative-style-high-performance-deep-learning-library.pdf

  13. Provost, F., Fawcett, T.: Robust classification for imprecise environments. Mach. Learn. 42(3), 203–231 (2001)

    Article  MATH  Google Scholar 

  14. Shinan, K., Alsubhi, K., Alzahrani, A., Ashraf, M.U.: Machine learning-based botnet detection in software-defined network: a systematic review. Symmetry 13(5) (2021). https://doi.org/10.3390/sym13050866. https://www.mdpi.com/2073-8994/13/5/866

  15. Tang, T.A., Mhamdi, L., McLernon, D., Zaidi, S.A.R., Ghogho, M.: Deep recurrent neural network for intrusion detection in SDN-based networks. In: 2018 4th IEEE Conference on Network Softwarization and Workshops (NetSoft), pp. 202–206. IEEE (2018)

    Google Scholar 

  16. Tariq, F., Baig, S.: Botnet classification using centralized collection of network flow counters in software defined networks. Int. J. Comput. Sci. Inf. Secur. 14(8), 1075 (2016)

    Google Scholar 

  17. Tariq, F., Baig, S.: Machine learning based botnet detection in software defined networks. Int. J. Secur. Appl 11(11), 1–12 (2017)

    Google Scholar 

  18. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6. IEEE (2009)

    Google Scholar 

  19. Tayfour, O.E., Marsono, M.N.: Collaborative detection and mitigation of DDoS in software-defined networks. J. Supercomput. 77(11), 13166–13190 (2021)

    Article  Google Scholar 

  20. Wagner, D., et al.: United we stand: collaborative detection and mitigation of amplification DDoS attacks at scale. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 970–987 (2021)

    Google Scholar 

  21. Yang, L., Zhao, H.: DDoS attack identification and defense using SDN based on machine learning method. In: 2018 15th International Symposium on Pervasive Systems, Algorithms and Networks (I-SPAN), pp. 174–178. IEEE (2018)

    Google Scholar 

  22. Yap, K.K., et al.: Taking the edge off with espresso: scale, reliability and programmability for global internet peering. In: Proceedings of the Conference of the ACM Special Interest Group on Data Communication, pp. 432–445 (2017)

    Google Scholar 

Download references

Acknowledgement

This work is partially funded by the European Union’s Horizon 2020 Research and Innovation Programme through ECHO (https://echonetwork.eu/) project under Grant Agreement No. 830943.

Author information

Authors and Affiliations

  1. Department of Software Science, Tallinn University of Technology, Tallinn, Estonia

    Seyed Mohammad Hadi Mirsadeghi & Hayretdin Bahsi

  2. University of Lorraine, LORIA, Nancy, France

    Wissem Inbouli

Authors
  1. Seyed Mohammad Hadi Mirsadeghi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hayretdin Bahsi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wissem Inbouli
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Seyed Mohammad Hadi Mirsadeghi .

Editor information

Editors and Affiliations

  1. University at Albany, Albany, NY, USA

    Sanjay Goel

  2. University College Dublin, Dublin, Ireland

    Pavel Gladyshev

  3. Horangi Cyber Security, Singapore, Singapore

    Akatyev Nikolay

  4. Missouri University of Science and Technology, Rolla, MO, USA

    George Markowsky

  5. Rochester Institute of Technology, Rochester, NY, USA

    Daryl Johnson

Rights and permissions

Reprints and permissions

Copyright information

© 2023 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Mirsadeghi, S.M.H., Bahsi, H., Inbouli, W. (2023). Deep Learning-Based Detection of Cyberattacks in Software-Defined Networks. In: Goel, S., Gladyshev, P., Nikolay, A., Markowsky, G., Johnson, D. (eds) Digital Forensics and Cyber Crime. ICDF2C 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 508. Springer, Cham. https://doi.org/10.1007/978-3-031-36574-4_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-36574-4_20

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-36573-7

  • Online ISBN: 978-3-031-36574-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation