An Efficient Flow-based Multi-level Hybrid Intrusion Detection System for Software-Defined Networks

by   Majd Latah, et al.

Software-Defined Networking (SDN) is a novel networking paradigm that provides enhanced programming abilities, which can be used to solve traditional security challenges on the basis of more efficient approaches. The most important element in the SDN paradigm is the controller, which is responsible for managing the flows of each correspondence forwarding element (switch or router). Flow statistics provided by the controller are considered to be useful information that can be used to develop a network-based intrusion detection system. Therefore, in this paper, we propose a 5-level hybrid classification system based on flow statistics in order to attain an improvement in the overall accuracy of the system. For the first level, we employ the k-Nearest Neighbor approach (kNN); for the second level, we use the Extreme Learning Machine (ELM); and for the remaining levels, we utilize the Hierarchical Extreme Learning Machine (H-ELM) approach. In comparison with conventional supervised machine learning algorithms based on the NSL-KDD benchmark dataset, the experimental study showed that our system achieves the highest level of accuracy (84.29 intrusion detection in SDNs.


page 1

page 2

page 3

page 4


Towards an Efficient Anomaly-Based Intrusion Detection for Software-Defined Networks

Software-defined networking (SDN) is a new paradigm that allows developi...

A Novel Approach To Network Intrusion Detection System Using Deep Learning For Sdn: Futuristic Approach

Software-Defined Networking (SDN) is the next generation to change the a...

A Machine Learning Based Intrusion Detection System for Software Defined 5G Network

As an inevitable trend of future 5G networks, Software Defined architect...

DDoSNet: A Deep-Learning Model for Detecting Network Attacks

Software-Defined Networking (SDN) is an emerging paradigm, which evolved...

Destination-aware Adaptive Traffic Flow Rule Aggregation in Software-Defined Networks

In this paper, we propose a destination-aware adaptive traffic flow rule...

AutoIDS: Auto-encoder Based Method for Intrusion Detection System

Intrusion Detection System (IDS) is one of the most effective solutions ...

Watching Smartly from the Bottom: Intrusion Detection revamped through Programmable Networks and Artificial Intelligence

The advent of Programmable Data Planes represents an outstanding evoluti...