DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking

Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity...

Full description

Saved in:
Bibliographic Details
Published inElectronics (Basel) Vol. 9; no. 9; p. 1533
Main Authors Tang, Tuan Anh, Mhamdi, Lotfi, McLernon, Des, Zaidi, Syed Ali Raza, Ghogho, Mounir, El Moussa, Fadi
Format Journal Article
LanguageEnglish
Published Basel MDPI AG 01.09.2020
Subjects
Accuracy
Algorithms
Anomalies
Artificial neural networks
Communication channels
Computer architecture
Controllers
Cybersecurity
Datasets
Deep learning
Denial of service attacks
False alarms
Internet
Intrusion detection systems
Machine learning
Network latency
Neural networks
Performance evaluation
Recurrent neural networks
Resource utilization
Software
Software-defined networking
Support vector machines
Online AccessGet full text

Cover

More Information
Summary:Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity to achieve network security in a more efficient and flexible manner. However, SDN also has original structural vulnerabilities, which are the centralized controller, the control-data interface and the control-application interface. These vulnerabilities can be exploited by intruders to conduct several types of attacks. In this paper, we propose a deep learning (DL) approach for a network intrusion detection system (DeepIDS) in the SDN architecture. Our models are trained and tested with the NSL-KDD dataset and achieved an accuracy of 80.7% and 90% for a Fully Connected Deep Neural Network (DNN) and a Gated Recurrent Neural Network (GRU-RNN), respectively. Through experiments, we confirm that the DL approach has the potential for flow-based anomaly detection in the SDN environment. We also evaluate the performance of our system in terms of throughput, latency, and resource utilization. Our test results show that DeepIDS does not affect the performance of the OpenFlow controller and so is a feasible approach.
ISSN:2079-9292
2079-9292
DOI:10.3390/electronics9091533