Top

International Journal of Information Security

Published in:

29-10-2023 | Regular Contribution

Network intrusion detection and mitigation in SDN using deep learning models

Authors: Mamatha Maddu, Yamarthi Narasimha Rao

Published in: International Journal of Information Security | Issue 2/2024

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Software-Defined Networking (SDN) is a contemporary network strategy utilized instead of a traditional network structure. It provides significantly more administrative efficiency and ease than traditional networks. However, the centralized control used in SDN entails an elevated risk of single-point failure that is more susceptible to different kinds of network assaults like Distributed Denial of Service (DDoS), DoS, spoofing, and API exploitation which are very complex to identify and mitigate. Thus, a powerful intrusion detection system (IDS) based on deep learning is created in this study for the detection and mitigation of network intrusions. This system contains several stages and begins with the data augmentation method named Deep Convolutional Generative Adversarial Networks (DCGAN) to over the data imbalance problem. Then, the features are extracted from the input data using a CenterNet-based approach. After extracting effective characteristics, ResNet152V2 with Slime Mold Algorithm (SMA) based deep learning is implemented to categorize the assaults in InSDN and Edge IIoT datasets. Once the network intrusion is detected, the proposed defense module is activated to restore regular network connectivity quickly. Finally, several experiments are carried out to validate the algorithm's robustness, and the outcomes reveal that the proposed system can successfully detect and mitigate network intrusions.

previous article A comprehensive survey of phishing: mediums, intended targets, attack and defence techniques and a novel taxonomy

next article The rise of “security and privacy”: bibliometric analysis of computer privacy research

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Alzahrani, A.O., Alenazi, M.J.: ML-IDSDN: machine learning based intrusion detection system for software-defined network. Concurr. Comput.: Pract. Exp. 35(1), e7438 (2023)CrossRef

Hnamte, V., Hussain, J.: DCNNBiLSTM: an efficient hybrid deep learning-based intrusion detection system. Telemat. Inform. Rep. 10, 100053 (2023)CrossRef

Arkan, A., & Ahmadi, M.: An unsupervised and hierarchical intrusion detection system for software-defined wireless sensor networks. J. Supercomput. 79, 11844–11870 (2023)CrossRef

Mehmood, M., Javed, T., Nebhen, J., Abbas, S., Abid, R., Bojja, G.R., Rizwan, M.: A hybrid approach for network intrusion detection. CMC-Comput. Mater. Contin 70, 91–107 (2022)

Henry, A., Gautam, S., Khanna, S., Rabie, K., Shongwe, T., Bhattacharya, P., Chowdhury, S.: Composition of hybrid deep learning model and feature optimization for intrusion detection system. Sensors 23(2), 890 (2023)CrossRef

Bour, H., Abolhasan, M., Jafarizadeh, S., Lipman, J., Makhdoom, I.: A multi-layered intrusion detection system for software defined networking. Comput. Electr. Eng. 101, 108042 (2022)CrossRef

Shailaja, K., Srinivasulu, B., Thirupathi, L., Gangula, R., Boya, T.R., Polem, V.: An intelligent deep feature based intrusion detection system for network applications. Wireless Pers. Commun. 129(1), 345–370 (2023)CrossRef

Zhao, X., Su, H., Sun, Z.: An intrusion detection system based on genetic algorithm for software-defined networks. Mathematics 10(21), 3941 (2022)CrossRef

Gupta, S.K., Tripathi, M., Grover, J.: Hybrid optimization and deep learning based intrusion detection system. Comput. Electr. Eng. 100, 107876 (2022)CrossRef

10.

Ariffin, S.H., Le Chong, J., Latif, N.M.A.A., Abd Malik, N.N.N., Baharudin, M.A., Syed-Yusof, S.K., Yusof, K.M.: Intrusion detection system (IDS) Accuracy testing for software defined network internet of things (SDN-IOT) Testbed. ELEKTRIKA-J. Electr. Eng. 21(3), 23–27 (2022)CrossRef

11.

Zavrak, S., Iskefiyeli, M.: Flow-based intrusion detection on software-defined networks: a multivariate time series anomaly detection approach. Neural Comput. Appl. 35(16), 12175–12193 (2023)CrossRef

12.

Al Razib, M., Javeed, D., Khan, M.T., Alkanhel, R., Muthanna, M.S.A.: Cyber threats detection in smart environments using SDN-enabled DNN-LSTM hybrid framework. IEEE Access 10, 53015–53026 (2022)CrossRef

13.

Abdulsamad, A.A., Salih, T.A.: IoT security improvement based on SDN controller. Eurasian J. Eng. Technol. 14, 49–56 (2023)

14.

Guo, X., Bai, W.: ML-SDNIDS: an attack detection mechanism for SDN based on machine learning. Int. J. Inf. Comput. Secur. 19(1–2), 118–141 (2022)

15.

Kumar, J.: Mitigate volumetric DDoS attack using machine learning algorithm in SDN based IoT network environment. Int. J. Adv. Comput. Sci. Appl. 14(1), 559–568 (2023)

16.

Bhardwaj, A., Tyagi, R., Sharma, N., Khare, A., Punia, M.S., Garg, V.K.: Network intrusion detection in software defined networking with self-organized constraint-based intelligent learning framework. Measur.: Sens. 24, 100580 (2022)

17.

Jadhav, K.P., Arjariya, T., Gangwar, M.: Hybrid-Ids: an approach for intrusion detection system with hybrid feature extraction technique using supervised machine learning. Int. J. Intell. Syst. Appl. Eng. 11(5s), 591–597 (2023)

18.

Maray, M., Alshahrani H.M., Alissa, K., Alotaibi, N., Gaddah, A., Meree, A., Hamza, M.A.: Optimal deep learning driven intrusion detection in SDN-Enabled IoT environment. Comput. Mater. Continua 74(3), 6587–6604 (2022)CrossRef

19.

El-Shamy, A.M., El-Fishawy, N.A., Attiya, G.M., Ahmed, M.: Detection optimization of rare attacks in software-defined network using ensemble learning. Mansoura Eng.. J. 48(1), 4 (2023)CrossRef

20.

Yang, L., Song, Y., Gao, S., Hu, A., Xiao, B.: Griffin: real-time network intrusion detection system via ensemble of autoencoder in SDN. IEEE Trans. Netw. Serv. Manage. 19(3), 2269–2281 (2022)CrossRef

21.

Elsayed, R.A., Hamada, R.A., Abdalla, M.I., Elsaid, S.A.: Securing IoT and SDN systems using deep-learning based automatic intrusion detection. Ain Shams Eng. J. 14(10), 102211 (2023)CrossRef

22.

Chen, L., Wang, Z., Huo, R., Huang, T.: An adversarial DBN-LSTM method for detecting and defending against DDoS attacks in SDN environments. Algorithms 16(4), 197 (2023)CrossRef

23.

Khedr, W.I., Gouda, A.E., Mohamed, E.R.: FMDADM: a multi-layer DDoS attack detection and mitigation framework using machine learning for stateful SDN-based IoT networks. IEEE Access 11, 28934–28954 (2023)CrossRef

24.

Wang, J., Wang, L.: SDN-defend: a lightweight online attack detection and mitigation system for DDoS attacks in SDN. Sensors 22(21), 8287 (2022)CrossRef

25.

Logeswari, G., Bose, S., Anitha, T.: An intrusion detection system for sdn using machine learning. Intell. Autom. Soft Comput. 35(1), 867–880 (2023)CrossRef

26.

Ravi, V., Chaganti, R., Alazab, M.: Deep learning feature fusion approach for an intrusion detection system in SDN-based IoT networks. IEEE Internet Things Mag. 5(2), 24–29 (2022)CrossRef

27.

Linhares, T., Patel, A., Barros, A.L., Fernandez, M.: SDNTruth: innovative DDoS detection scheme for software-defined networks (SDN). J. Netw. Syst. Manage. 31(3), 55 (2023)CrossRef

28.

Jia, K., Liu, C., Liu, Q., Wang, J., Liu, J., Liu, F.: A lightweight DDoS detection scheme under SDN context. Cybersecurity 5(1), 27 (2022)CrossRef

29.

Elsayed, M.S., Le-Khac, N.A., Jurcut, A.D.: InSDN: a novel SDN intrusion dataset. IEEE Access 8, 165263–165284 (2020)CrossRef

30.

Ferrag, M.A., Friha, O., Hamouda, D., Maglaras, L., Janicke, H.: Edge-IIoTset: a new comprehensive realistic cyber security dataset of IoT and IIoT applications for centralized and federated learning. IEEE Access 10, 40281–40306 (2022)CrossRef

31.

Safwan, H., Iqbal, Z., Amin, R., Khan, M.A., Alhaisoni, M., Alqahtani, A., Chang, B.: An IoT environment based framework for intelligent intrusion detection, computer. Mater. Cont. 75(2), 2366–2381 (2023)

32.

Friha, O., Ferrag, M.A., Shu, L., Maglaras, L., Choo, K.K.R., Nafaa, M.: FELIDS: federated learning-based intrusion detection system for agricultural Internet of Things. J. Parallel Distrib. Comput. 165, 17–31 (2022)CrossRef

33.

Aouedi, O., Piamrat, K.: F-BIDS: federated-blending based intrusion detection system. Pervas. Mob. Comput. 89, 101750 (2023)CrossRef

34.

Alashhab, A.A., Zahid, M.S.M., Muneer, A., & Abdullahi, M.: Low-rate DDoS attack detection using deep learning for SDN-enabled IoT networks. Int. J. Adv. Comput. Sci. Appl. 13(11), 371–377 (2022)

35.

Tareq, I., Elbagoury, B.M., El-Regaily, S., El-Horbaty, E.S.M.: Analysis of ToN-IoT, UNW-NB15, and Edge-IIoT datasets using DL in cybersecurity for IoT. Appl. Sci. 12(19), 9572 (2022)CrossRef

36.

Rashid, M.M., Khan, S.U., Eusufzai, F., Redwan, M.A., Sabuj, S.R., Elsharief, M.: A federated learning-based approach for improving intrusion detection in industrial internet of things networks. Network 3(1), 158–179 (2023)CrossRef

37.

Ghourabi, A.: A security model based on LightGBM and transformer to protect healthcare systems from cyberattacks. IEEE Access 10, 48890–48903 (2022)CrossRef

38.

Dini, P., Begni, A., Ciavarella, S., De Paoli, E., Fiorelli, G., Silvestro, C., Saponara, S.: Design and testing novel one-class classifier based on polynomial interpolation with application to networking security. IEEE Access 10, 67910–67924 (2022)CrossRef

Title: Network intrusion detection and mitigation in SDN using deep learning models
Authors: Mamatha Maddu
Yamarthi Narasimha Rao
Publication date: 29-10-2023
Publisher: Springer Berlin Heidelberg
Published in: International Journal of Information Security / Issue 2/2024
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-023-00771-2

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 2/2024

Blockchain-based multi-organizational cyber risk management framework for collaborative environments

Integrating the edge computing paradigm into the development of IoT forensic methodologies

Generating ICS vulnerability playbooks with open standards

The rise of “security and privacy”: bibliometric analysis of computer privacy research

A systematic mapping study on security for systems of systems

Fairness as a Service (FaaS): verifiable and privacy-preserving fairness auditing of machine learning systems

Premium Partner