Top

Wireless Personal Communications

Published in:

28-09-2021

Detection and Multi-Class Classification of Intrusion in Software Defined Networks Using Stacked Auto-Encoders and CICIDS2017 Dataset

Authors: Padideh Choobdar, Marjan Naderan, Mahmood Naderan

Published in: Wireless Personal Communications | Issue 1/2022

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Software Defined Networks (SDNs) is an emerging concept in network architectures, which divides the network operations into two, control and data, layers. In this concept, control and management operations are moved from the network devices to the controller and inside the control plane. This separation makes it possible to incorporate network devices for different applications, while on the other hand leads to vulnerabilities in the network. In fact, the controller becomes the bottleneck of the network, and it is vulnerable to intrusions. Various approaches have been proposed to detect intrusion in these networks, which among them using deep learning methods has gained the majority of attention in the past decade. In this paper, an intrusion detection system based on the SDN model is presented which is executed as an application module in the controller. The proposed system consists of three phases: in the first phase, for pre-training, sparse stacked auto-encoders are incorporated which learn the features in an unsupervised manner. In the second phase, to train the system, the SoftMax classifier is used and in the third phase, system parameters are optimized. Performance of the proposed system is evaluated according to two datasets, namely NSL-KDD and CICIDS2017, for classification of attacks. To implement the proposed method, the Mininet software and Keras framework, which is based on Tensorflow, are incorporated. The average accuracy in detection and classification of attacks using the proposed method is 98.5%, which is promising in comparison with previous methods.

previous article Augmented Scene Text Recognition Using Crosswise Feature Extraction

next article Opportunistic Routing Protocol Based EPO–BES in MANET for Optimal Path Selection

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Anan, M., Al-Fuqaha, A., Nasser, N., Mu, T. Y., & Bustam, H. (2016). Empowering networking research and experimentation through software-defined networking. Journal of Network and Computer Applications, 70, 140–155.CrossRef

Jarraya, Y., Madi, T., & Debbabi, M. (2014). A survey and a layered taxonomy of software-defined networking. IEEE Communications Surveys & Tutorials, 16(4), 1955–1980.CrossRef

Astuto, B. N., Mendonca, M., Nguyen, X. N., Obraczka, K., & Turletti, T. (2014). A survey of software-defined networking: Past, present, and future of programmable networks. IEEE Communications Surveys & Tutorials, 16, 1617–1634.CrossRef

Giotis, K., Argyropoulos, C., Androulidakis, G., Kalogeras, D., & Maglaris, V. (2014). Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Computer Networks, 62, 122–136.CrossRef

Kreutz, D., Ramos, F. M. V., & Veríssimo, P. (2013). Towards secure and dependable software- defined networks. University of Lisbon.CrossRef

Bawany, N. Z., Shamsi, J. A., & Salah, K. (2017). DDoS attack detection and mitigation using SDN: Methods, practices, and solutions. Arabian Journal for Science and Engineering, 42(2), 425–441.CrossRef

Akhunzada, A., Ahmed, E., Gani, A., Khan, M. K., Imran, M., & Guizani, S. (2015). Securing software defined networks: Taxonomy, requirements, and open issues. IEEE Communications Magazine, 53(4), 36–44.CrossRef

Yan, Q., Yu, F. R., Gong, Q., & Li, J. (2016). Software-defined networking (SDN) and distributed denial of service (DDOS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials, 18(1), 602–622.CrossRef

Hande, Y., Muddana, A., & Darade, S. (2017). Software-defined network-based intrusion detection system. Innovations in Electronics and Communication Engineering, Lecture notes in Networks and Systems, 7, 535–543.CrossRef

10.

Ma, T., Wang, F., Cheng, J., Yu, Y., & Chen, X. (2016). A hybrid spectral clustering and deep neural network ensemble algorithm for intrusion detection in sensor networks. Sensors, 16(10), 1701.CrossRef

11.

Amine Ferrag, M., Maglaras, L., Moschoyiannis, S., & Janicke, H. (2020). Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study. Journal of Information Security and Applications, 50, 102419.CrossRef

12.

Vani, R. (2017). Towards efficient intrusion detection using deep learning techniques: A review. Int. J. Adv. Res. Comput. Commun. Eng., 6(10), 375–384.

13.

Kokila, R. T., Selvi, S. T., & Govindarajan, K. (2014, December). DDoS detection and analysis in SDN-based environment using support vector machine classifier. In 2014 6th international conference on advanced computing (ICoAC) (pp. 205-210).

14.

Singh, J., & Nene, M. J. (2013). A survey on machine learning techniques for intrusion detection systems. International Journal of Advanced Research in Computer and Communication Engineering, 2(11), 4349–4355.

15.

Ashraf, J., & Latif, S. (2014, November). Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques. In 2014 National software engineering conference (pp. 55-60).

16.

Mousavi, S. M., & St-Hilaire, M. (2017). Early detection of DDoS attacks against software defined network controllers. Journal of Network and Systems Management, 26, 1–19.

17.

David, J., & Thomas, C. (2015). DDoS attack detection using fast entropy approach on flow- based network traffic. Procedia Computer Science, 50, 30–36.CrossRef

18.

Wang, R., Jia, Z., & Ju, L. (2015). An entropy-based distributed DDoS detection mechanism in software-defined networking,” Proc. - 14th IEEE Int. Conf. Trust. Secur. Priv. Comput. Commun. Trust. 2015, vol. 1, pp. 310–317.

19.

Dong, P., Du, X., Zhang, H., & Xu, T. (2016). A detection method for a novel DDoS attack against SDN controllers by vast new low-traffic flows. In 2016 IEEE international conference on communications (ICC) (pp. 1-6).

20.

Jankowski, D., & Amanowicz, M. (2016). On efficiency of selected machine learning algorithms for intrusion detection in software defined networks. International Journal of Electronics and Telecommunications, 62(3), 247–252.CrossRef

21.

Jankowski, D., & Amanowicz, M. (2016, May). A method of network workload generation for evaluation of intrusion detection systems in SDN environment. In 2016 International Conference on Military Communications and Information Systems (ICMCIS) (pp. 1-7).

22.

Braga, R., Mota, E., & Passito, A. (2010, October). Lightweight DDoS flooding attack detection using NOX/OpenFlow. In IEEE Local Computer Network Conference (pp. 408-415).

23.

Abubakar, A., & Pranggono, B. (2017, September). Machine learning based intrusion detection system for software defined networks. In 2017 Eighth international conference on emerging security technologies (EST) (pp. 138-143).

24.

Nanda, S., Zafari, F., DeCusatis, C., Wedaa, E., & Yang, B. (2016). Predicting network attack patterns in SDN using machine learning approach. In 2016 IEEE Conference on Network Function Virtualization and Software Defined Networks, Palo Alto, CA, USA, 2016.

25.

Dotcenko, S., Vladyko, A., & Letenko, I. (2014). A fuzzy logic-based information security management for software-defined networks. In 16th International Conference on Advanced Communication Technology (pp. 167-171)

26.

Tang, T. A., Mhamdi, L., McLernon, D., Zaidi, S. A. R., & Ghogho, M. (2016). Deep learning approach for network intrusion detection in software defined networking. In 2016 international conference on wireless networks and mobile communications (WINCOM) (pp. 258-263).

27.

Hodo, E., Bellekens, X., Hamilton, A., Tachtatzis, C., and Atkinson, R. (2017) “Shallow and Deep Networks Intrusion Detection System: A Taxonomy and Survey,” arXiv: 1701.02145, pp. 1–43.

28.

Javaid, A., Niyaz, Q., Sun, W., and Alam, M. (2016). “A Deep Learning Approach for Network Intrusion Detection System,” Proc. 9th EAI Int. Conf. Bio-inspired Inf. Commun. Technol. (formerly BIONETICS).

29.

Kwon, D., Kim, H., Kim, J., Suh, S. C., Kim, I., and Kim, K. J. (2017). “A survey of deep learning-based network anomaly detection,” Cluster Comput., pp. 1–13.

30.

Kim, J., Kim, J., Thu, H. L. T., & Kim, H. (2016). Long short term memory recurrent neural network classifier for intrusion detection. In 2016 International Conference on Platform Technology and Service (PlatCon) (pp. 1-5).

31.

Niyaz, Q., Sun, W., and Javaid, A. Y. (2017). “A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN),” ICST Trans. Secur. Saf., vol. 4, no. 12, p. 153515.

32.

Li, H., Wei, F., and Hu, H. (2019). “Enabling Dynamic Network Access Control with Anomaly-based IDS and SDN”, Proc. of the ACM Int. Workshop on Security in Software Defined Networks & Network Function Virtualization, pp. 13–16.

33.

Manso, P., Moura, J., & Serrão, C. (2019). SDN-based intrusion detection system for early detection and mitigation of DDoS attacks. Information, 10(3), 106. https://doi.org/10.3390/info10030106CrossRef

34.

Ahmim, A., Maglaras, L., Amine Ferrag, M., Derdour, M., Janicke, H. (2019). “A Novel Hierarchical Intrusion Detection System based on Decision Tree and Rules-based Models,” 15^th Int. Conf. on Distributed Computing in Sensor Systems (DCOSS), pp. 228–233.

35.

Ali Albahar, M. (2019). Recurrent neural network model based on a new regularization technique for real-time intrusion detection in SDN environments. Security and Communication Networks, Hindawi,. https://doi.org/10.1155/2019/8939041CrossRef

36.

Faker, O., Dogdu, E. (2019). “Intrusion Detection Using Big Data and Deep Learning Techniques,” In 2019 ACM Southeast Conference (ACMSE 2019), April 18–20, 2019, Kennesaw, GA, USA, DoI: https://doi.org/10.1145/3299815.3314439.

37.

Zhou, M., Li, Y., Yuan, H., Wang, J., & Pu, Q. (2021). Indoor WLAN personnel intrusion detection using transfer learning-aided generative adversarial network with light-loaded database. Mobile Networks and Applications, 26, 1024–1042.CrossRef

38.

Islabudeen, M., & Kavitha Devi, M. K. (2020). A smart approach for intrusion detection and prevention system in mobile Ad Hoc networks against security attacks. Wireless Personal Communications. https://doi.org/10.1007/s11277-019-07022-5CrossRef

39.

Pragya, M., Arya, K. V., & Hardev Pal, S. (2018). Intrusion detection system against colluding misbehavior in MANETs. Wireless Personal Communications, 100(2), 491–503.CrossRef

40.

Meyer,P., Hackel, T., Langer, F., Stahlbock, L., Decker, J., Eckhardt, S. A., Korf, F., Schmit, T. C., Schuppel, F. (2020). “Demo: A Security Infrastructure for Vehicular Information Using SDN, Intrusion Detection, and a Defense Center in the Cloud,” IEEE Vehicular Networking Conference, New York, NY, USA, 16–18 Dec. 2020. DOI: https://doi.org/10.1109/VNC51378.2020.9318351.

41.

Tsogbaatar, E., Bhuyan, M. H., Taenaka, Y., Fall, D., Gonchigsumlaa, K., Elmroth, E., & Kadobayashi, Y. (2021). DeL-IoT: A deep ensemble learning approach to uncover anomalies in IoT. Internet of Things, 14, 100391.CrossRef

42.

Kim, J., Shim, M., Hong, S., Shin, Y., & Choi, E. (2020). Intelligent detection of IoT botnets using machine learning and deep learning. Applied Sciences, 10(19), 7009.CrossRef

43.

Abdollahi, A., & Fathi, M. (2020). An intrusion detection system on ping of death attacks in IoT networks. Wireless Personal Communications. https://doi.org/10.1007/s11277-020-07139-yCrossRef

44.

Jagadeesh Babu, M., & Raji Reddy, A. (2020). SH-IDS: Specification heuristics based intrusion detection system for IoT networks. Wireless Personal Communications. https://doi.org/10.1007/s11277-020-07137-0CrossRef

45.

Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A. (2018). “Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection,” Network and Distributed System Security Symposium (NDSS’18), San Diego, CA, USA, 18–21 . DOI: https://doi.org/10.14722/ndss.2018.232.

46.

Fan, W., Park, Y., Kumar, S., Ganta, P., Zhou, X., Chang, S.-Y. (2021). “Blockchain-Enabled Collaborative Intrusion Detection in Software Defined Networks,” IEEE 19^th Int. Conf. o Trust, Security and Privacy in Computing and Communications (TrustCom), Guangzhou, China, 29 Dec.-1 Jan. 2021. DOI: https://doi.org/10.1109/TrustCom50675.2020.00129.

47.

Kamyshanska, H., and Memisevic, R. (2013). “On autoencoder scoring,” Proc. 30th Int. Conf. Mach. Learn., vol. 28, pp. 1757–1765.

48.

Lecun, Y., Bengio, Y., & Hinton, G. (2015). Deep learning. Nature, 521(7553), 436–444.CrossRef

49.

Abbas, A. R., Wolslegel, K., Seshasayee, D., Modrusan, Z., & Clark, H. F. (2009). Deconvolution of blood microarray data identifies cellular activation patterns in systemic lupus erythematosus. PLoS ONE, 4(7), 1–19.CrossRef

50.

Zhuang, F., Cheng, X., Luo, P., Pan, S. J., & He, Q. (2015, June). Supervised representation learning: Transfer learning with deep autoencoders. Proceedings of the Twenty-Fourth International Joint Conference on Artificial Intelligence (IJCAI), pp. 4119–4125.

51.

Ryali, C., Nallamala, G., Fedus, W., and Prabhuzantye, Y. (2015). “Efficient Encoding Using Deep Neural Networks”.

52.

Hinton, G. E., & Salakhutdinov, R. R. (2006). Reducing the dimensionality of data with neural networks. Science, 313(5786), 504–507.MathSciNetCrossRef

53.

Hinton, G. E. (2007). Learning multiple layers of representation. Trends in Cognitive Sciences, 11(10), 428–434.CrossRef

54.

Yousefi-Azar, M., Varadharajan, V., Hamey, L., & Tupakula, U. (2017, May). Autoencoder-based feature learning for cyber security applications. In 2017 International joint conference on neural networks (IJCNN) (pp. 3854-3861).

55.

Salama, M., Eid, H., and Ramadan, R. (2011). “Hybrid intelligent intrusion detection scheme,” Adv. Intell. Soft Comput., pp. 293–303.

56.

Meena, G., & Choudhary, R. R. (2017, July). A review paper on IDS classification using KDD 99 and NSL KDD dataset in WEKA. In 2017 International Conference on Computer, Communications and Electronics (Comptelix) (pp. 553-558).

57.

Dhanabal, L., & Shantharajah, S. P. (2015). A study on NSL-KDD Dataset For Intrusion Detection System Based On Classification Algorithms. Int. J. Adv. Res. Comput. Commun. Eng., 4(6), 446–452.

58.

Revathi, S., & Malathi, A. (2013). A detailed analysis on NSL-KDD dataset using various machine learning techniques for intrusion detection. International Journal of Engineering Research & Technology (IJERT), 2(12), 1848–1853.

59.

Shiravi, A., Shiravi, H., Tavallaee, M., & Ghorbani, A. A. (2012). Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Computers & Security, 31(3), 357–374.CrossRef

60.

Sharafaldin, I., Habibi Lashkari, A., and Ghorbani, A. A. (2018) “Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization,” Proc. 4th Int. Conf. Inf. Syst. Secur. Priv., no. Cic, pp. 108–116.

61.

Chowdhury, M. U., Hammond, F., Konowicz, G., Li, J., Xin, C., and Wu, H. (2017). “A Few-shot Deep Learning Approach for Improved Intrusion Detection A Few-shot Deep Learning Approach for Improved Intrusion Detection,” IEEE 8^th Annual Ubiquitous Computing, Electronics and Mobile Communication Conf. (UEMCON), New York, NY, USA, p. pp.1–8.

62.

Aljawarneh, S., Aldwairi, M., & Yassein, M. B. (2018). Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model. Journal of Computer Science, 25(March), 152–160.CrossRef

63.

Sathya, R., and Thangarajan, R.(2015). “Efficient anomaly detection and mitigation in software defined networking environment,” in 2015 2^nd International Conference on Electronics and Communication Systems (ICECS), 2015, pp. 479–484.

64.

Mehdi,S. A., Khalid, J., and Khayam, S. A. (2011). “Revisiting Traffic Anomaly Detection Using Software Defined Networking,” Int. Workshop on Recent Advances in Intrusion Detection (RAID), pp. 161–180.

65.

Le, A., Dinh, P., Le, H., and Tran, N. C. (2016). “Flexible Network-Based Intrusion Detection and Prevention System on Software-Defined Networks,” Proc. - 2015 Int. Conf. Adv. Comput. Appl. ACOMP 2015, pp. 106–111.

66.

Yin, C., Zhu, Y., Fei, J., & He, X. (2017). A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access, 5, 21954–21961.CrossRef

67.

Potluri, S., & Diedrich, C. (2017). Deep feature extraction for multi-class intrusion detection in industrial control systems. Int. J. Comput. Theory Eng., 9(5), 374–379.CrossRef

Title: Detection and Multi-Class Classification of Intrusion in Software Defined Networks Using Stacked Auto-Encoders and CICIDS2017 Dataset
Authors: Padideh Choobdar
Marjan Naderan
Mahmood Naderan
Publication date: 28-09-2021
Publisher: Springer US
Published in: Wireless Personal Communications / Issue 1/2022
Print ISSN: 0929-6212
Electronic ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-021-09139-y

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2022

Content-Based Image Recognition and Tagging by Deep Learning Methods

On the Performance Analysis of Multi-User Massive MIMO Systems with Error Vector Signals for 5G Cellular Networks

Secrecy Trade-off at the Physical Layer over Mixed Fading Multicast Channels Employing Antenna Diversity

Real Time Scheduling in TSCH for IoT Using Neurogenetic Algorithm

Recognition of Indian Sign Language (ISL) Using Deep Learning Model

Power Control for Cognitive Radio Networks: A Game Theoretic Approach