DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking
Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity...
Saved in:
Published in | Electronics (Basel) Vol. 9; no. 9; p. 1533 |
---|---|
Main Authors | , , , , , |
Format | Journal Article |
Language | English |
Published |
Basel
MDPI AG
01.09.2020
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Abstract | Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity to achieve network security in a more efficient and flexible manner. However, SDN also has original structural vulnerabilities, which are the centralized controller, the control-data interface and the control-application interface. These vulnerabilities can be exploited by intruders to conduct several types of attacks. In this paper, we propose a deep learning (DL) approach for a network intrusion detection system (DeepIDS) in the SDN architecture. Our models are trained and tested with the NSL-KDD dataset and achieved an accuracy of 80.7% and 90% for a Fully Connected Deep Neural Network (DNN) and a Gated Recurrent Neural Network (GRU-RNN), respectively. Through experiments, we confirm that the DL approach has the potential for flow-based anomaly detection in the SDN environment. We also evaluate the performance of our system in terms of throughput, latency, and resource utilization. Our test results show that DeepIDS does not affect the performance of the OpenFlow controller and so is a feasible approach. |
---|---|
AbstractList | Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity to achieve network security in a more efficient and flexible manner. However, SDN also has original structural vulnerabilities, which are the centralized controller, the control-data interface and the control-application interface. These vulnerabilities can be exploited by intruders to conduct several types of attacks. In this paper, we propose a deep learning (DL) approach for a network intrusion detection system (DeepIDS) in the SDN architecture. Our models are trained and tested with the NSL-KDD dataset and achieved an accuracy of 80.7% and 90% for a Fully Connected Deep Neural Network (DNN) and a Gated Recurrent Neural Network (GRU-RNN), respectively. Through experiments, we confirm that the DL approach has the potential for flow-based anomaly detection in the SDN environment. We also evaluate the performance of our system in terms of throughput, latency, and resource utilization. Our test results show that DeepIDS does not affect the performance of the OpenFlow controller and so is a feasible approach. |
Author | Tang, Tuan Anh El Moussa, Fadi Mhamdi, Lotfi Ghogho, Mounir McLernon, Des Zaidi, Syed Ali Raza |
Author_xml | – sequence: 1 givenname: Tuan Anh surname: Tang fullname: Tang, Tuan Anh – sequence: 2 givenname: Lotfi surname: Mhamdi fullname: Mhamdi, Lotfi – sequence: 3 givenname: Des surname: McLernon fullname: McLernon, Des – sequence: 4 givenname: Syed Ali Raza surname: Zaidi fullname: Zaidi, Syed Ali Raza – sequence: 5 givenname: Mounir surname: Ghogho fullname: Ghogho, Mounir – sequence: 6 givenname: Fadi surname: El Moussa fullname: El Moussa, Fadi |
BookMark | eNplkE1LAzEQhoMoWGv_gKcFz6uTTLPbeCutH4Wih6rXJZsP3VqTNUkp_ntT6kFwLvMwvDPv8J6RY-edIeSCwhWigGuzMSoF7zoVBQjKEY_IgEEtSsEEO_7Dp2QU4xpyCYoThAF5nRvTL-arm2IPxdLI4Dr3Vkz7Pnip3gvrQ7FwKWxj510Wpey1p84VK2_TTgaTp7ZzRhePJu18-Mj75-TEyk00o98-JC93t8-zh3L5dL-YTZelQipSyTXKGoHxlgNgDcJSqLSRLepKty3asVaiUkxq5BPWWhwDsxY5ajQoqMIhuTzczd9-bU1Mzdpvg8uWDeNCQM0rClnFDioVfIzB2KYP3acM3w2FZh9h8z9C_AEC2Wjq |
CitedBy_id | crossref_primary_10_32604_cmc_2023_033896 crossref_primary_10_1109_JIOT_2022_3229722 crossref_primary_10_3390_sym14091916 crossref_primary_10_1016_j_procs_2021_10_078 crossref_primary_10_3390_electronics9122006 crossref_primary_10_32604_cmc_2021_017665 crossref_primary_10_3390_info14010041 crossref_primary_10_1007_s11277_023_10402_7 crossref_primary_10_1109_TNSE_2021_3059881 crossref_primary_10_1016_j_jnca_2021_103111 crossref_primary_10_32604_cmc_2022_017772 crossref_primary_10_7717_peerj_cs_1674 crossref_primary_10_1007_s10922_023_09748_x crossref_primary_10_32604_cmc_2023_034176 crossref_primary_10_1016_j_jnca_2021_103093 crossref_primary_10_1016_j_comnet_2022_109484 crossref_primary_10_3390_s23094441 crossref_primary_10_1016_j_procs_2024_04_176 crossref_primary_10_1371_journal_pone_0297548 crossref_primary_10_3390_fi14020044 crossref_primary_10_1016_j_micpro_2022_104752 crossref_primary_10_32604_iasc_2023_034908 crossref_primary_10_32604_iasc_2022_024668 crossref_primary_10_1016_j_comcom_2021_11_014 crossref_primary_10_1016_j_compeleceng_2022_108034 crossref_primary_10_1007_s11227_023_05073_x crossref_primary_10_1109_ACCESS_2022_3148134 crossref_primary_10_1109_TCE_2023_3283704 crossref_primary_10_3390_telecom4030025 crossref_primary_10_1007_s11042_024_18466_8 crossref_primary_10_4236_jis_2024_152015 crossref_primary_10_1016_j_phycom_2022_101956 crossref_primary_10_29130_dubited_737211 crossref_primary_10_3233_JIFS_236340 |
Cites_doi | 10.15439/2014F175 10.1016/j.comnet.2016.05.019 10.1109/NTMS.2011.5720582 10.1109/CISDA.2009.5356528 10.1109/COMST.2015.2453114 10.1016/j.jnca.2016.12.024 10.1109/ICCNC.2015.7069319 10.1145/1355734.1355746 10.1145/2534169.2486019 10.1016/j.bjp.2013.10.014 10.1109/SP.2010.25 10.14722/ndss.2015.23064 10.1109/ICoAC.2014.7229711 10.1109/JPROC.2014.2371999 10.4108/eai.3-12-2015.2262516 10.1109/CCE.2016.7562606 10.1145/2491185.2491199 10.1109/CINTI.2014.7028696 10.1016/j.protcy.2012.05.017 10.1109/ACCESS.2017.2762418 10.1109/TETCI.2017.2772792 10.1109/LCN.2010.5735752 10.1109/WINCOM.2016.7777224 10.1016/j.cose.2011.12.012 10.1109/ATC.2015.7388340 10.1007/978-3-642-23644-0_9 10.3115/v1/D14-1179 |
ContentType | Journal Article |
Copyright | 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
Copyright_xml | – notice: 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. |
DBID | AAYXX CITATION 7SP 8FD 8FE 8FG ABUWG AFKRA ARAPS AZQEC BENPR BGLVJ CCPQU DWQXO HCIFZ L7M P5Z P62 PIMPY PQEST PQQKQ PQUKI PRINS |
DOI | 10.3390/electronics9091533 |
DatabaseName | CrossRef Electronics & Communications Abstracts Technology Research Database ProQuest SciTech Collection ProQuest Technology Collection ProQuest Central (Alumni) ProQuest Central Advanced Technologies & Aerospace Collection ProQuest Central Essentials ProQuest Central Technology Collection ProQuest One Community College ProQuest Central Korea SciTech Premium Collection Advanced Technologies Database with Aerospace Advanced Technologies & Aerospace Database ProQuest Advanced Technologies & Aerospace Collection Publicly Available Content Database ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Academic ProQuest One Academic UKI Edition ProQuest Central China |
DatabaseTitle | CrossRef Publicly Available Content Database Advanced Technologies & Aerospace Collection Technology Collection Technology Research Database ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Essentials ProQuest One Academic Eastern Edition Electronics & Communications Abstracts ProQuest Central (Alumni Edition) SciTech Premium Collection ProQuest One Community College ProQuest Technology Collection ProQuest SciTech Collection ProQuest Central China ProQuest Central Advanced Technologies & Aerospace Database ProQuest One Academic UKI Edition ProQuest Central Korea ProQuest One Academic Advanced Technologies Database with Aerospace |
DatabaseTitleList | Publicly Available Content Database CrossRef |
Database_xml | – sequence: 1 dbid: 8FG name: ProQuest Technology Collection url: https://search.proquest.com/technologycollection1 sourceTypes: Aggregation Database |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Engineering |
EISSN | 2079-9292 |
ExternalDocumentID | 10_3390_electronics9091533 |
GroupedDBID | 5VS 8FE 8FG AAYXX AFKRA ALMA_UNASSIGNED_HOLDINGS ARAPS BENPR BGLVJ CCPQU CITATION GROUPED_DOAJ HCIFZ IAO KQ8 MODMG M~E OK1 P62 PIMPY PROAC 7SP 8FD ABUWG AZQEC DWQXO L7M PQEST PQQKQ PQUKI PRINS |
ID | FETCH-LOGICAL-c319t-5d3a73025b5003709f106deab3d6dbb3f4dc96c2ad3582bf3402ff353d3e391c3 |
IEDL.DBID | BENPR |
ISSN | 2079-9292 |
IngestDate | Thu Oct 10 20:05:39 EDT 2024 Thu Sep 26 21:26:43 EDT 2024 |
IsDoiOpenAccess | true |
IsOpenAccess | true |
IsPeerReviewed | true |
IsScholarly | true |
Issue | 9 |
Language | English |
LinkModel | DirectLink |
MergedId | FETCHMERGED-LOGICAL-c319t-5d3a73025b5003709f106deab3d6dbb3f4dc96c2ad3582bf3402ff353d3e391c3 |
OpenAccessLink | https://www.proquest.com/docview/2599075610?pq-origsite=%requestingapplication% |
PQID | 2599075610 |
PQPubID | 2032404 |
ParticipantIDs | proquest_journals_2599075610 crossref_primary_10_3390_electronics9091533 |
PublicationCentury | 2000 |
PublicationDate | 2020-09-01 |
PublicationDateYYYYMMDD | 2020-09-01 |
PublicationDate_xml | – month: 09 year: 2020 text: 2020-09-01 day: 01 |
PublicationDecade | 2020 |
PublicationPlace | Basel |
PublicationPlace_xml | – name: Basel |
PublicationTitle | Electronics (Basel) |
PublicationYear | 2020 |
Publisher | MDPI AG |
Publisher_xml | – name: MDPI AG |
References | Mukherjee (ref_12) 2012; 4 Shone (ref_15) 2018; 2 ref_13 ref_35 ref_34 ref_10 ref_32 ref_31 ref_30 Ha (ref_28) 2016; 109 ref_19 AlEroud (ref_20) 2017; 80 ref_18 ref_17 ref_16 Kreutz (ref_5) 2015; 103 Ibrahim (ref_11) 2013; 8 ref_25 Natarajan (ref_6) 2016; 18 ref_23 Yin (ref_14) 2017; 5 ref_22 ref_21 Shiravi (ref_33) 2012; 31 ref_1 ref_29 ref_27 ref_26 ref_9 ref_8 Giotis (ref_24) 2014; 62 Jain (ref_3) 2013; 43 McKeown (ref_2) 2008; 38 ref_4 ref_7 |
References_xml | – ident: ref_9 – ident: ref_30 – ident: ref_27 doi: 10.15439/2014F175 – volume: 109 start-page: 172 year: 2016 ident: ref_28 article-title: Suspicious traffic sampling for intrusion detection in software-defined networks publication-title: Comput. Netw. doi: 10.1016/j.comnet.2016.05.019 contributor: fullname: Ha – ident: ref_32 – ident: ref_19 doi: 10.1109/NTMS.2011.5720582 – ident: ref_34 – ident: ref_10 doi: 10.1109/CISDA.2009.5356528 – volume: 18 start-page: 623 year: 2016 ident: ref_6 article-title: A survey of security in software defined networks publication-title: IEEE Commun. Surv. Tutor. doi: 10.1109/COMST.2015.2453114 contributor: fullname: Natarajan – volume: 80 start-page: 152 year: 2017 ident: ref_20 article-title: Identifying cyber-attacks on software defined networks: An inference-based intrusion detection approach publication-title: J. Netw. Comput. Appl. doi: 10.1016/j.jnca.2016.12.024 contributor: fullname: AlEroud – ident: ref_22 doi: 10.1109/ICCNC.2015.7069319 – volume: 38 start-page: 69 year: 2008 ident: ref_2 article-title: OpenFlow: Enabling innovation in campus networks publication-title: ACM SIGCOMM Comput. Commun. Rev. doi: 10.1145/1355734.1355746 contributor: fullname: McKeown – volume: 43 start-page: 3 year: 2013 ident: ref_3 article-title: B4: Experience with a globally-deployed software defined WAN publication-title: ACM SIGCOMM Comput. Commun. Rev. doi: 10.1145/2534169.2486019 contributor: fullname: Jain – ident: ref_1 – ident: ref_35 – volume: 62 start-page: 122 year: 2014 ident: ref_24 article-title: Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments publication-title: Comput. Netw. doi: 10.1016/j.bjp.2013.10.014 contributor: fullname: Giotis – ident: ref_7 doi: 10.1109/SP.2010.25 – ident: ref_26 doi: 10.14722/ndss.2015.23064 – volume: 8 start-page: 107 year: 2013 ident: ref_11 article-title: A comparison study for intrusion database (Kdd99, Nsl-Kdd) based on self organization map (SOM) artificial neural network publication-title: J. Eng. Sci. Technol. contributor: fullname: Ibrahim – ident: ref_18 doi: 10.1109/ICoAC.2014.7229711 – volume: 103 start-page: 14 year: 2015 ident: ref_5 article-title: Software-defined networking: A comprehensive survey publication-title: Proc. IEEE doi: 10.1109/JPROC.2014.2371999 contributor: fullname: Kreutz – ident: ref_13 doi: 10.4108/eai.3-12-2015.2262516 – ident: ref_17 doi: 10.1109/CCE.2016.7562606 – ident: ref_4 doi: 10.1145/2491185.2491199 – ident: ref_21 doi: 10.1109/CINTI.2014.7028696 – ident: ref_31 – volume: 4 start-page: 119 year: 2012 ident: ref_12 article-title: Intrusion detection using naive Bayes classifier with feature reduction publication-title: Procedia Technol. doi: 10.1016/j.protcy.2012.05.017 contributor: fullname: Mukherjee – volume: 5 start-page: 21954 year: 2017 ident: ref_14 article-title: A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks publication-title: IEEE Access doi: 10.1109/ACCESS.2017.2762418 contributor: fullname: Yin – volume: 2 start-page: 41 year: 2018 ident: ref_15 article-title: A deep learning approach to network intrusion detection publication-title: IEEE Trans. Emerg. Top. Comput. Intell. doi: 10.1109/TETCI.2017.2772792 contributor: fullname: Shone – ident: ref_16 doi: 10.1109/LCN.2010.5735752 – ident: ref_8 doi: 10.1109/WINCOM.2016.7777224 – volume: 31 start-page: 357 year: 2012 ident: ref_33 article-title: Toward developing a systematic approach to generate benchmark datasets for intrusion detection publication-title: Comput. Secur. doi: 10.1016/j.cose.2011.12.012 contributor: fullname: Shiravi – ident: ref_23 doi: 10.1109/ATC.2015.7388340 – ident: ref_25 doi: 10.1007/978-3-642-23644-0_9 – ident: ref_29 doi: 10.3115/v1/D14-1179 |
SSID | ssj0000913830 |
Score | 2.4495163 |
Snippet | Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future... |
SourceID | proquest crossref |
SourceType | Aggregation Database |
StartPage | 1533 |
SubjectTerms | Accuracy Algorithms Anomalies Artificial neural networks Communication channels Computer architecture Controllers Cybersecurity Datasets Deep learning Denial of service attacks False alarms Internet Intrusion detection systems Machine learning Network latency Neural networks Performance evaluation Recurrent neural networks Resource utilization Software Software-defined networking Support vector machines |
Title | DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking |
URI | https://www.proquest.com/docview/2599075610 |
Volume | 9 |
hasFullText | 1 |
inHoldings | 1 |
isFullTextHit | |
isPrint | |
link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfR1NT8IwtFG46MH4GVEkPXgzDdvass2LQQHBBGJEDLeln8bLQCHx5m_3dSsiMTHZYWu7Ht7L-_5C6DJoKcl4KEjItCUs5hERVgQk5bIVxLHSoggXDEet_oQ9TPnUO9wWPq1yxRMLRq1nyvnIm6Cmgx3npP3N_J24qVEuuupHaGyjahQyF6at3nZHj08_XhbX9TKhQVktQ8G-b66nyyxS2OWUbkqkTYZcSJnePtrz6iFul_g8QFsmP0S7v5oGHqGXjjHzQWd8jd0L9g1SX3HbdwfHoIbiQe6KKQDmcGhZZFvl-C3HY2C6n-LDwKqFGzUelVng8P8xmvS6z3d94qcjEAVksyRcUwHkGXHJXROZILVg3WkjJHUzoiS1TKu0pSKhXTGstBQsRWspp5oamoaKnqBKPsvNKcKJTVKVKGHhYToWUqdwKoQ7FbOhkTV0tYJQNi-bYGRgPDh4Zn_hWUP1FRAzTxCLbI2-s_-3z9FO5EzaIo2rjioALXMBcn8pG2g76d03PIrha_jV_QYIE7Mb |
link.rule.ids | 315,786,790,12792,21416,27955,27956,33406,33777,43633,43838,74390,74657 |
linkProvider | ProQuest |
linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV07T8MwELagDMCAeIpCAQ9syGoS23mwoAooLbRd2qJukZ-IJS20En-fc-JSKiSkDFHseLjzPb7z-Q6h6yBWkvFQkJBpS1jCIyKsCEjGZRwkidKiPC7oD-LOmD1P-MQH3OY-rXKpE0tFrafKxcib4KYDjnPW_m72QVzXKHe66ltobKItRmPq9nnafvqJsbialykNqrsyFNB9c9VbZp7BKKd03R6tq-PSxrT30Z53DnGr4uYB2jDFIdr9VTLwCL0-GDPrPgxvsXvBvjzqG2752uAYnFDcLdxVCqA4TFqUuVYFfi_wEFTul_g08NXCihoPqhxw-P8YjduPo_sO8b0RiAKhWRCuqQDhjLjkroRMkFnAdtoISV2HKEkt0yqLVSS0uworLQWcaC3lVFNDs1DRE1QrpoU5RTi1aaZSJSw8TCdC6gxmhbCmYjY0so5ulhTKZ1UJjBygg6Nn_peeddRYEjH34jDPV8w7-3_4Cm13Rv1e3usOXs7RTuTAbZnQ1UA1oJy5AA9gIS9LNn8DIBWyiw |
linkToPdf | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3LS8MwGA86QfQgPnE6NQdvEtY2Tdt4keGsm48hzMluJU_x0k038N_3S5s5RRB6KP3SHH4f3yv5HgidB4mSMQsFCWNtSZyyiAgrAsKZTII0VVpU1wWPg6Q3iu_GbOzzn2Y-rXKhEytFrSfKnZG3wU2HOM5Z-7b1aRFP3fxq-k7cBCl30-rHaayiNedkuzEOWX77fd7i-l9mNKjrZijQ28s5MzMOVEbpb9v0WzVX9ibfRlveUcSdmrM7aMWUu2jzR_vAPfTSNWba7w4vsXvBvlXqK-74PuEYHFLcL11ZBaAPi-ZV3lWJ30o8BPX7KT4MfLWwo8aDOh8c_t9Ho_zm-bpH_JwEokCA5oRpKkBQIyaZaycTcAtxnjZCUjctSlIba8UTFQntymKlpRAzWksZ1dRQHip6gBrlpDSHCGc24ypTwsIT61RIzWFVCHuq2IZGNtHFAqFiWrfDKCCMcHgWf_FsotYCxMKLxqxYMvLof_IZWgcOFw_9wf0x2ohcnFvldrVQA4AzJ-AMzOVpxeUvEqK2wA |
openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=DeepIDS%3A+Deep+Learning+Approach+for+Intrusion+Detection+in+Software+Defined+Networking&rft.jtitle=Electronics+%28Basel%29&rft.au=Tang%2C+Tuan+Anh&rft.au=Mhamdi%2C+Lotfi&rft.au=McLernon%2C+Des&rft.au=Zaidi%2C+Syed+Ali+Raza&rft.date=2020-09-01&rft.issn=2079-9292&rft.eissn=2079-9292&rft.volume=9&rft.issue=9&rft.spage=1533&rft_id=info:doi/10.3390%2Felectronics9091533&rft.externalDBID=n%2Fa&rft.externalDocID=10_3390_electronics9091533 |
thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2079-9292&client=summon |
thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2079-9292&client=summon |
thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2079-9292&client=summon |