An Efficient Flow-based Multi-level Hybrid Intrusion Detection System for Software-Defined Networks
share
Software-Defined Networking (SDN) is a novel networking paradigm that provides enhanced programming abilities, which can be used to solve traditional security challenges on the basis of more efficient approaches. The most important element in the SDN paradigm is the controller, which is responsible for managing the flows of each correspondence forwarding element (switch or router). Flow statistics provided by the controller are considered to be useful information that can be used to develop a network-based intrusion detection system. Therefore, in this paper, we propose a 5-level hybrid classification system based on flow statistics in order to attain an improvement in the overall accuracy of the system. For the first level, we employ the k-Nearest Neighbor approach (kNN); for the second level, we use the Extreme Learning Machine (ELM); and for the remaining levels, we utilize the Hierarchical Extreme Learning Machine (H-ELM) approach. In comparison with conventional supervised machine learning algorithms based on the NSL-KDD benchmark dataset, the experimental study showed that our system achieves the highest level of accuracy (84.29 intrusion detection in SDNs.
READ FULL TEXT
