Open Access Open Access  Restricted Access Subscription Access

Modified Deep Learning Methodology Based Malicious Intrusion Detection System in Software Defined Networking


Affiliations
1 Department of Computer Science and Engineering, Annamalai University, Chidambaram, Tamil Nadu, India
2 Department of Computer Science and Engineering, DMI College of Engineering, Chennai, Tamil Nadu, India
 

Software Defined Networking (SDN) has increased a high-level attention in recent years, mainly because of its ability to address the cyber security challenges. Machine learning architectures were developed as the SDN system to detect the security threads; however, present techniques are limited with (i) higher computation time during malicious switch detection, (ii) reduced malicious switch detection rate (MSDR). This paper presents modified deep learning architecture based SDN system consist of two stages: (i) training stage, computes the external feature maps from both trusted and malicious network switches connected to the SDN controller, (ii) testing stage, classifying the trust and malicious switches connected with SDN controller. The feature maps are trained and classified with Modified LeNET Convolutional Neural Networks (CNN) architecture. The proposed methodology is simulated via network simulator under environmental constraint conditions. The results shows that the proposed methodology reduced the malicious switch detection computational time about a half as well as it increased the MSDR to about 6% compared to the conventional methodologies.

Keywords

SDN, Switch, Malicious, CNN, Feature Maps.
User
Notifications
Font Size

  • X.-F. Chen, and S.Z.Yu, “CIPA: Collaborative intrusion prevention architecture for programmable network and SDN,”Comput. Secur. Vol. 58, No.1, 2016, pp. 1-19.
  • T. Das, V. Sridharan, and M. Gurusamy, “A survey on controller placement in sdn. ieee communications surveys and tutorials,” Vol. 22, No. 1, 2020, pp. 472-503.
  • E. Vasilomanolakis, S. Karuppayah, M. Muhlhauser, and Mathias Fischer, “Taxonomy and survey of collaborative intrusion detection,” ACM Comput. Surv. Vol. 47, No. 4, 2015, pp. 1-10.
  • C.J. Fung and R. Boutaba, “Design and management of collaborative intrusion detection networks,” IFIP/IEEE International Symposium on Integrated Network Management (IM), Vol.1, No.1, 2013, pp. 955-961.
  • S. Hameed, and H.A. Khan, “SDN based collaborative scheme for mitigation of DDOS attacks,” Future Internet, Vol. 10, No. 3, 2018, pp. 281-288.
  • Z. Ma, L. Liu, and W. Meng, “Towards multiple-mix-attack detection via consensus-based trust management in IOT networks,” Comput. Secur., Vol.1, N0.1, 2020, pp. 12-17.
  • Y. Meng, “The practice on using machine learning for network anomaly intrusion detection,” IEEE International Conference on Machine Learning and Cybernetics, Vol.1, No.1, 2011, pp. 576-581.
  • W. Meng, W. Li, Y. Xiang and K.-K.R. Choo., “A bayesian inference-based detection mechanism to defend medical smartphone networks against insider attacks,” Journal of Network and Computer Applications, Vol. 78, No.3, 2017, pp. 162-169.
  • R. Gupta, and S. Rajan, “Comparative analysis of convolution neural network models for continuous Indian sign language classification”, Procedia Computer Science, Vol. 171, No.2, 2020, 1542–1550.
  • D. Chasaki and C. Mansour, “Detecting malicious hosts in SDN through system call learning,” IEEE Conference on Computer Communications Workshops, 2021, pp. 1-6.
  • M. Amanowicz and D. Jankowski, “Detection and classification of malicious flows in software-defined networks using data mining techniques,” Sensors, Vol.21, No.1, 2021, pp.1-24.
  • A. Derhab, M. Guerroumi, M. Belaoued, and O. Cheikhrouhou, “BMC-SDN: blockchain-based multi controller architecture for secure software-defined networks,” Wireless Communications and Mobile Computing, Vol. 2021, No. 9984666, 2021, pp.1-15.
  • F.N. Nife, and Z. Kotulski, “Application-aware firewall mechanism for software defined networks,” J. Network Syst Manage, Vol. 28, No.1,2020, pp. 605–626.
  • A. Sebbar, K. ZKIK, and Y. Baddi, “MitM detection and defense mechanism CBNA-RF based on machine learning for large-scale SDN context,” Journal of Ambient Intell Human Comput, Vol.11, No.7, 2020, pp. 5875–5894.
  • P. W. Chi, M. H. Wang, and Y. Zheng, "Sandbox Net: An online malicious SDN application detection framework for SDN networking," International Computer Symposium (ICS), Vol.1, No.1, 2020, pp. 397-402.
  • C.V. Neu, C. Tatsch, R.C. Lunardi, R.A. Michelin, A.M. Orozco, and A.F. Zorzo, “Lightweight IPS for port scan in open flow SDN networks,” IEEE/IFIP Network Operations and Manag. Symposium, Taipei, Taiwan, 2018, pp. 1–6.
  • Y. Chang, and T. Lin, “Cloud-clustered firewall with distributed SDN devices,” IEEE Wireless Communications and Networking Conference (WCNC), Barcelona, Vol.1, No.1, 2018, pp. 1–5, 2018.

Abstract Views: 399

PDF Views: 2




  • Modified Deep Learning Methodology Based Malicious Intrusion Detection System in Software Defined Networking

Abstract Views: 399  |  PDF Views: 2

Authors

Thangaraj Ethilu
Department of Computer Science and Engineering, Annamalai University, Chidambaram, Tamil Nadu, India
Abirami Sathappan
Department of Computer Science and Engineering, Annamalai University, Chidambaram, Tamil Nadu, India
Paul Rodrigues
Department of Computer Science and Engineering, DMI College of Engineering, Chennai, Tamil Nadu, India

Abstract


Software Defined Networking (SDN) has increased a high-level attention in recent years, mainly because of its ability to address the cyber security challenges. Machine learning architectures were developed as the SDN system to detect the security threads; however, present techniques are limited with (i) higher computation time during malicious switch detection, (ii) reduced malicious switch detection rate (MSDR). This paper presents modified deep learning architecture based SDN system consist of two stages: (i) training stage, computes the external feature maps from both trusted and malicious network switches connected to the SDN controller, (ii) testing stage, classifying the trust and malicious switches connected with SDN controller. The feature maps are trained and classified with Modified LeNET Convolutional Neural Networks (CNN) architecture. The proposed methodology is simulated via network simulator under environmental constraint conditions. The results shows that the proposed methodology reduced the malicious switch detection computational time about a half as well as it increased the MSDR to about 6% compared to the conventional methodologies.

Keywords


SDN, Switch, Malicious, CNN, Feature Maps.

References





DOI: https://doi.org/10.22247/ijcna%2F2021%2F209704