Skip to main content
SpringerLink
Log in

Deep learning for the security of software-defined networks: a review

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

As the scale and complexity of networks grow rapidly, management, maintenance, and optimization of them are becoming increasingly challenging tasks for network administrators. Software-Defined Networking (SDN) was introduced to facilitate these tasks as it offers logically centralized control, a global view of the network, and software-based traffic analysis, thus, it is widely adopted of SDN to manage large-scale networks. On the other hand, SDN is not immune to cyber attacks. In fact, its centralized architecture makes it more vulnerable to certain types of attacks, such as denial of service. Various attack mitigation strategies are proposed to strengthen the security of SDNs including statistical, threshold-based, and Machine Learning (ML) methods. Among them, Deep Learning (DL)-based models attained the best results as they were able to extract the complex relationship between input parameters and output that could not be achieved with other solutions. Hence, this paper presents a comprehensive survey of the literature on the utilization of different DL algorithms for the security of SDN. We first explain the types of attacks that SDNs are exposed to, then present papers that applied DL to detect and/or mitigate these attacks. We further discuss the public datasets used to train DL models and evaluate their advantages and disadvantages. Finally, we share insights into future research directions to improve the efficiency of DL methods for SDN security.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

Data availability

Enquiries about data availability should be directed to the authors

References

  1. Phan, T.V., Nguyen, T.G., Dao, N.-N., Huong, T.T., Thanh, N.H., Bauschert, T.: Deepguard: efficient anomaly detection in sdn with fine-grained traffic monitoring. IEEE Trans. Netw. Serv. Manage. 17(3), 1349–1363 (2020)

    Article  Google Scholar 

  2. Jain, S., Kumar, A., Mandal, S., Ong, J., Poutievski, L., Singh, A., Venkata, S., Wanderer, J., Zhou, J., Zhu, M., et al.: B4: Experience with a globally-deployed software defined wan. ACM SIGCOMM Comput. Commun. Rev. 43(4), 3–14 (2013)

    Article  Google Scholar 

  3. Wang, T., Chen, H.: Sguard: a lightweight sdn safe-guard architecture for dos attacks. China Commun. 14(6), 113–125 (2017)

    Article  MathSciNet  Google Scholar 

  4. Shin, S., Yegneswaran, Y., Porras, P., Gu, G.: Avant-guard: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, vol. Berlin, Germany, pp. 1–10 (2013)

  5. Dotcenko, S., Vladyko, A., Letenko, I.: A fuzzy logic-based information security management for software-defined networks. Paper presented at: 2014 16th International Conference on Advanced Communication Technology (ICACT), vol. Pyeongchang, South Korea, pp. 1-8 (2014)

  6. Gao, S., Peng, Z., Xiao, B., Hu, A., Song, Y., Ren, K.: Detection and mitigation of dos attacks in software defined networks. IEEE Trans. Net. 28(3), 1419–1433 (2020)

    Article  Google Scholar 

  7. Tang, D., Yan, Y., Zhang, S., Chen, J., Qin, Z.: Performance and features: Mitigating the low-rate tcp-targeted dos attack via sdn. IEEE J. Selected Areas of Commun. 40(1), 428–435 (2022)

    Article  Google Scholar 

  8. Wang, H., Xu, L., Gu, G.: Floodguard: a dos attack prevention extension in software-defined networks. In: 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 239-250 (2015)

  9. Zheng, J., Li, Q., Gu, G., Cao, J., Yau, D. K. Y., Wu, J.: Realtime ddos defense using cots sdn switches via adaptive correlation analysis, IEEE Transactions on Information Forensics and Security, pp. 1838-1834 (2018)

  10. Alshra’a, A., Seitz, J.: Using inspector device to stop packet injection attack in sdn. IEEE Commun. Lett. 23(7), 1174–1177 (2019)

    Article  Google Scholar 

  11. Tang, T. A., Mhamdi, L., McLernon, D., Zaidi, S. A. R., Ghogho, M.: Deep recurrent neural network for intrusion detection in sdn-based networks. In: 2018 4th IEEE Conference on Network Softwarization and Workshops (NetSoft), pp. 202–206 (2018)

  12. Hu, B.:, et al.: A deep one-class intrusion detection scheme in software defined industrial networks. IEEE Trans. Industrial Inform. 18(6), 4286–4297 (2022)

    Article  MathSciNet  Google Scholar 

  13. Janabi, A.H., Kanakis, T., Johnson, M.: Convolutional neural network based algorithm for early warning proactive system security in software defined networks. IEEE Access 10, 14–301 (2022)

    Article  Google Scholar 

  14. Yang, L., Song, Y., Gao, S., Hu, A., Xiao, B.: Griffin: Real-time network intrusion detection system via ensemble of autoencoder in sdn. IEEE Trans. Network and Service Manag. 19, 1–13 (2022)

    Article  Google Scholar 

  15. Muthanna, M.S.A., Alkanhel, R., Muthanna, A., Rafiq, A., Abdullah, W.A.M.: Towards sdn-enabled, intelligent intrusion detection system for internet of things (iot). IEEE Access. 22, 756–769 (2022)

    Google Scholar 

  16. Zhou, Y.-F., Jiang, R.-H., Wu, X., He, J.-Y., Weng, S., Peng, Q.: Branchgan: unsupervised mutual image-to-image transfer with a single encoder and dual decoders. IEEE Trans. Multimedia. 21, 3136–3150 (2019)

    Article  Google Scholar 

  17. Ren, S., an Ross Girshick, K. H., Sun, J.: Faster r-cnn: Towards real-time object detection with region proposal networks. Adv. Neural Inf. Process. Syst. 28 (2017)

  18. Zhou, Z., Rahman, S.M.M., Tajbakhsh, N., Liang, J.: Unet++: A nested u-net architecture for medical image segmentation. Lect. Notes Comput. Sci. 11045, 3–11 (2018)

    Article  Google Scholar 

  19. Roy, S., Menapace, W., Oei, S., Luijten, B., Fini, E., Saltori, C., Huijben, I., Chennakeshava, N., Mento, F., Sentelli, A., Peschiera, E., Trevisan, R., Maschietto, G., Torri, E., Inchingolo, R., Smargiassi, A., Soldati, G., Rota, P., Passerini, A., van Sloun, R.J.G., Ricci, E., Demi, L.: Deep learning for classification and localization of covid-19 markers in point-of-care lung ultrasound. IEEE Trans. Med. Imaging 13, 2676–2688 (2020)

    Article  Google Scholar 

  20. Oksuz, I., Clough, J.R., Ruijsink, B., Anton, E.P., Bustin, A., Cruz, G., Prieto, C., King, A.P., Schnabel, J.A.: Deep learning-based detection and correction of cardiac mr motion artefacts during reconstruction for high-quality segmentation’’. IEEE Trans. Med.l Imaging 13, 4001–4011 (2020)

    Article  Google Scholar 

  21. Yu, J., Chen, H., Dou, Q., Qin, J., Heng, P.-A.: Automated melanoma recognition in dermoscopy images via very deep residual networks. IEEE Trans. Med. Imaging 12, 994–1015 (2018)

    Google Scholar 

  22. Ahmed, H., La, H.M., Tran, K.: Rebar detection and localization for bridge deck inspection and evaluation using deep residual network. Automat. Constr. 120, 1–38 (2020)

    Article  Google Scholar 

  23. Ahmed, H., Gucunski, N., La, H. M.: Rebar detection using ground penetrating radar with state-of-the-art convolutional neural networks,” The 9th International Conference on Structural Health Monitoring of Intelligent infrastructure, pp. 1-6 (2019). [Online]. Available: https://ara.cse.unr.edu/wp-content/uploads/2014/12/SHMII-GPR-Paper-Final-Version-4.pdf [Accessed on 20 June 2022]

  24. Ahmed, H., La, H. M., Pekcan, G.: Rebar detection and localization for non-destructive infrastructure evaluation using deep residual networks. Proceedings of the 14th International Symposium on Visual Computing. pp. 1-6 (2019)

  25. Ahmed, H., Tavakolli, A., La, H. M.: Use of deep encoder-decoder network for sub-surface inspection and evaluation of bridge decks. Proceedings of the 13th International Workshop on Structural Health Monitoring 2022. p. (Accepted for Publication), (2022)

  26. Ahmed, H., Nguyen, S. T., La, D., Le, C. P., La, H. M.: Multi-directional bicycle robot for bridge inspection with steel defect detection system. IEEE International Conference on Robotics and Automation (ICRA) 2022, p. (Accepted for Publication), (2022)

  27. Chen, S., Lin, H., Yao, M.: Improving the efficiency of encoder-decoder architecture for pixel-level crack detection. IEEE Access. 186, 657–671 (2019)

    Google Scholar 

  28. Ahmed, H., La, H.M., Gucunski, N.: Review of non-destructive civil infrastructure evaluation for bridges: State-of-the-art robotic platforms, sensors and algorithms. Sensors 14, 1–38 (2020)

    Google Scholar 

  29. Ahmed, I., Din, S., Jeon, G., Piccialli, F., Fortino, G.: Towards collaborative robotics in top view surveillance: A framework for multiple object tracking by detection using deep learning. IEEE/CAA J. Automatica Sinica. 8, 1253–1270 (2021)

    Article  Google Scholar 

  30. Church, A., Lloyd, J., Hadsell, R., Lepora, N.F.: Deep reinforcement learning for tactile robotics: Learning to type on a braille keyboard. IEEE Robotics and Automation Letters. 5, 6145–6152 (2020)

    Article  Google Scholar 

  31. Nguyen, T.T., Nguyen, N.D., Nahavandi, S.: Deep reinforcement learning for multiagent systems: A review of challenges, solutions, and applications. IEEE Trans. Cybernet. 50, 3826–3839 (2020)

    Article  Google Scholar 

  32. X. J. et al.: A survey of machine learning techniques applied to software defined networking (sdn): Research issues and challenges. IEEE Commun. Surveys and Tutorials 21, 1393–430 (2019)

    Google Scholar 

  33. Ahmad, I., Shahabuddin, S., Malik, H., Harjula, E., Leppänen, T., Loven, L., Anttonen, A., Sodhro, A.H., Alam, M.M., Juntti, M., et al.: Machine learning meets communication networks: current trends and future challenges. IEEE Access 8, 223–418 (2020)

    Article  Google Scholar 

  34. Chica, J.C.C., Imbachi, J.C., Vega, J.F.B.: Security in sdn: A comprehensive survey. J. Net. Comput. Appl. 8, 1–23 (2020)

    Google Scholar 

  35. Jimenez, M.B., Fernandez, D., Rivaneira, J.E., Bellido, L., Cardenas, A.: A survey of the main security issues and solutions for the sdn architecture. IEEE Access. 122, 016–039 (2021)

    Google Scholar 

  36. Maleh, Y., Qasmaoui, Y., El Gholami, K., Sadqi, Y., Mounir, S.: A comprehensive survey on sdn security: threats, mitigations, and future directions. J. Reliable Intell. Environ. 1, 39 (2022)

    Google Scholar 

  37. Rahouti, M., Xiong, K., Xin, Y., Jagatheesaperumal, S.K., Ayyash, M., Shaheed, M.: Sdn security review: threat taxonomy, implications, and open challenges. IEEE Access 45, 820–855 (2022)

    Google Scholar 

  38. Deb, R., Roy, S.: A comprehensive survey of vulnerability and information security in sdn. Comput. Net. 5, 1–30 (2022)

    Google Scholar 

  39. Singh, M.P., Bhandari, A.: New-flow-based ddos attacks in sdn: Taxonomy, rationales and research challenges. Comp. Commun. 154, 509–527 (2020)

    Article  Google Scholar 

  40. Amin, R., Rojas, E., Aqdus, A., Ramzan, S., Casillas-Perez, D., Arco, J.M.: A survey on machine learning techniques for routing optimization in sdn. IEEE Access 104, 582–612 (2019)

    Google Scholar 

  41. Amin, R., Reisslein, M., Shah, N.: Hybrid sdn networks: a survey of existing approaches’’. IEEE Commun. Surveys and Tutorials 20, 3259–3307 (2018)

    Article  Google Scholar 

  42. Kellerer, W., Kalmbach, P., Blenk, A., Basta, A., Reisslein, M., Schmid, S.: Adaptable and data-driven softwarized networks: Review, opportunities, and challenges. Proceedings of the IEEE 107, 1–35 (2019)

    Article  Google Scholar 

  43. Bannour, F., Souihi, S., Mellouk, A.: Distributed sdn control: survey, taxonomy, and challenges. IEEE Commun Surveys and Tutorials 20, 333–355 (2018)

    Article  Google Scholar 

  44. Huang, X., Cheng, S., Cao, K., Cong, P., Wei, T., Hu, S.: A survey of deployment solutions and optimization strategies for hybrid sdn networks. IEEE Commun. Surveys and Tutorials 21, 1483–1507 (2019)

    Article  Google Scholar 

  45. Khorsandroo, S., Sanchez, A.G., Tosun, A.S., Arco, J., Doriguzzi-Corin, R.: Hybrid sdn evolution: A comprehensive survey of the state-of-the-art. Comput. Net. 192, 107981 (2021)

    Article  Google Scholar 

  46. Al-Heety, O., Zakaria, Z., Ismail, M., Shakir, M.M., Alani, S., Alsariera, H.: A comprehensive survey: benefits, services, recent works, challenges, security, and use cases for sdn-vanet. IEEE Access 91, 028–048 (2020)

    Google Scholar 

  47. Alam, I., Sharif, K., Li, F., Latif, Z., Karim, M.M., Biswas, S., Nour, B., Wang, Y.: A survey of network virtualization techniques for internet of things using sdn and nfv. ACM Comput. Survey 53, 1–40 (2020)

    Article  Google Scholar 

  48. Farris, I., Taleb, T., Khettab, Y., Song, J.: A survey on emerging sdn and nfv security mechanisms for iot systems. IEEE Commun. Surveys and Tutorials 21, 812–838 (2019)

    Article  Google Scholar 

  49. Ali, A., Yousaf, M.M.: Novel three-tier intrusion detection and prevention system in software-defined networks. IEEE Access 8, 109–677 (2020)

    Google Scholar 

  50. Wang, J., Liu, J., Guo, H., Mao, B.: Deep reinforcement learning for securing software-defined industrial networks with distributed control plane. IEEE Trans. Industr. Inf. 18(6), 4275–4285 (2021)

    Article  Google Scholar 

  51. Ali, S.T., Sivaraman, V., Radford, A., Jha, S.: A suvey of securing network using software defined networking. IEEE Trans. Reliab. 64, 1086–1098 (2015)

    Article  Google Scholar 

  52. Nunes, B.A.A., Mendonca, M., Nguyen, X.-N., Obraczka, K., Turletti, T.: A survey of software-defined networking: Past, present, and future of programmable networks. IEEE Commun. Surveys and Tutorials 16, 1617–1635 (2014)

    Article  Google Scholar 

  53. Scott-Hayward, S., Natarajan, S., Sezer, S.: A survey of security in software defined networks. IEEE Commun. Surveys and Tutorials 18, 623–655 (2016)

    Article  Google Scholar 

  54. Ahmad, I., Namal, S., Ylianttila, M., Gurtov, A.: Security in software defined networks: a survey. IEEE Commun. Surveys and Tutorial 17, 2317–2347 (2015)

    Article  Google Scholar 

  55. Benzekki, K., El Fergougui, A., Elalaoui, A.E.: Software-defined networking (sdn): a survey. Security and Commun. Net. 9, 5803–5833 (2017)

    Article  Google Scholar 

  56. Li, W., Meng, W., Kwok, L.F.: A survey on openflow-based software-defined networks: security challenges and countermeasures. J. Net. Comput. Appl. 68, 126–139 (2016)

    Article  Google Scholar 

  57. Yan, Q., Yu, F.R., Gong, Q., Li, J.: Software-defined networking (sdn) and distributed denial of service (ddos) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Commun. Surveys Tutorials. 82, 602–623 (2016)

    Article  Google Scholar 

  58. Dargahi, T., Alberto Caponi, M.A., Bianchi, G., Conti, M.: A survey on the security of stateful sdn data planes. IEEE Commun. Surveys and Tutorials 19, 1701–1726 (2017)

    Article  Google Scholar 

  59. Dong, S., Abbas, K., Jain, R.: A survey on distributed denial of service (ddos) attacks in sdn and cloud computing environments. IEEE Access 80, 813–828 (2019)

    Google Scholar 

  60. Sultana, N., Chilamkurti, N., Peng, W., Alhadad, R.: Survey on sdn based network intrusion detection system using machine learning approaches. Peer-to-Peer Network. Appl. 12, 493–501 (2019)

    Article  Google Scholar 

  61. Ahmed, M., Shatabda, S., Islam, A., Robin, M., Islam, T.: et al., Intrusion detection system in software-defined networks using machine learning and deep learning techniques–a comprehensive survey. (2021)

  62. Jafarian, T., Masdari, M., Ghaffari, A., Majidzadeh, K.: A survey and classification of the security anomaly detection mechanisms in software defined networks. Cluster Comput. 24, 1235–1253 (2021)

    Article  Google Scholar 

  63. Zhao, Y., Li, Y., Zhang, X., Geng, G., Zhang, W., Sun, Y.: A survey of networking applications applying the software defined networking concept based on machine learning. IEEE Access 95, 397–418 (2019)

    Google Scholar 

  64. Han, T., Jan, S.R.U., Tan, Z., Usman, M., Jan, M.A., Khan, R., Xu, Y.: A comprehensive survey of security threats and their mitigation techniques for next-generation sdn controllers. Concurrency Computat. Pract. Exper. 32, 1–21 (2020)

    Article  Google Scholar 

  65. Schmidhuber, J.: Deep learning in neural networks: an overview. Neural Netw. 61, 85–117 (2015)

    Article  Google Scholar 

  66. LeCun, Y., Bengio, Y., Hinton, G.: Deep learning. Nature 521(7553), 436–444 (2015)

    Article  Google Scholar 

  67. Sarker, I.H.: Deep learning: A comprehensive overview on techniques, taxonomy, applications and research directions. SN Comput. Sci. 2, 420 (2021)

    Article  Google Scholar 

  68. Aldweesh, A., Derhab, A., Emam, A.Z.: Deep learning approaches for anomaly-based intrusion detection systems: A survey, taxonomy, and open issues. Knowl. Based Syst. 189, 105–124 (2020)

    Article  Google Scholar 

  69. O’Shea, K., Nash, R.: An introduction to convolutional neural networks. arXiv preprint arXiv:1511.08458, (2015)

  70. Glorot, X., Bengio, Y.:Understanding the difficulty of training deep feedforward neural networks. Proceedings of the thirteenth international conference on artificial intelligence and statistics. JMLR Workshop and Conference Proceedings, pp. 249-256, (2010)

  71. Pouyanfar, S., Sadiq, S., Yan, Y., Tian, H., Tao, Y., Reyes, M.P., Shyu, M.-L., Chen, S.-C., Iyengar, S.S.: A survey on deep learning: algorithms, techniques, and applications. ACM Comput. Surveys (CSUR) 51(5), 1–36 (2018)

    Article  Google Scholar 

  72. Salehinejad, H., Sankar, S., Barfett, J., Colak, E., Valaee, S.: Recent advances in recurrent neural networks. arXiv preprint arXiv:1801.01078, (2017)

  73. Naskath, J., Sivakamasundari, G., Begum, A.: A study on different deep learning algorithms used in deep neural nets: Mlp som and dbn. Wireless Personal Commun. 14, 1–24 (2022)

    Google Scholar 

  74. Tan1, C., Sun2, F., Kong1, T., Zhang1, W., Yang1, C., Liu, C.: A survey on deep transfer learning. International Conference on Artificial Neural Networks, p. 270-279, (2018)

  75. Liu, X., Yu, W., Liang, F., Griffith, D., Golmie, N.: On deep reinforcement learning security for industrial internet of things. Comput Commun. 168, 20–32 (2021)

    Article  Google Scholar 

  76. Wang, Y., Hu, T., Tang, G., Xi, J., Lu, J.: Sgs: safe-guard scheme for protecting control plane against ddos attacks in software-defined networking. IEEE Access 7, 34–699 (2019)

    Google Scholar 

  77. Min, J., Yuejie, S., Qing, G., Zihe, G., Suofe, X.: Ddos attack detection method for space-based network based on sdn architecture. ZTE Commun. 18(4), 18–25 (2020)

    Google Scholar 

  78. Alanazi, F., Jambi, K., Eassa, F., Khemakhem, M., Basuhail, A., Alsubhi, K.: Ensemble deep learning models for mitigating ddos attack in software-defined network. Intell. Automat. Soft Comput. 33(2), 923–938 (2022)

    Article  Google Scholar 

  79. H., S. et al.: A deep cnn ensemble framework for efficient ddos attack detection in software defined networks. IEEE Access 8(53), 972–983 (2021)

    Google Scholar 

  80. Lent, D.M.B., Novaes, M.P., Carvalho, L.F., Lloret, J., Rodriguez, J.J.P.C., Proenca, M.L.: A gated recurrent unit deep learning model to detect and mitigate distributed denial of service and portscan attacks. IEEE Access 10, 73–229 (2022)

    Google Scholar 

  81. Ujjan, R.M.A., Pervez, Z., Dahal, K., Bashir, A.K., Mumtaz, R., González, J.: Towards sflow and adaptive polling sampling for deep learning based ddos detection in sdn. Futur. Gener. Comput. Syst. 111, 763–779 (2020)

    Article  Google Scholar 

  82. Yeom, S., Choi, C., Kim, K.: Lstm-based collaborative source-side ddos attack detection. IEEE Access 7, 44–046 (2022)

    Google Scholar 

  83. Gadze, J.D., Bamfo-Asante, A.A., Agyemang, J.O., Nunoo-Mensah, H., Opare, K.A.-B.: An investigation into the application of deep learning in the detection and mitigation of ddos attack on sdn controllers. Technologies 14, 25 (2021)

    Google Scholar 

  84. Shu, J., Zhou, L., Zhang, W., Du, X., Guizani, M.: Collaborative intrusion detection for vanets: a deep learning-based distributed sdn approach. IEEE Trans. Intell. Transport. Syst. 22, 4519–4523 (2021)

    Article  Google Scholar 

  85. Ravi, N., Shalinie, S.M.: Learning-driven detection and mitigation of ddos attack in iot via sdn-cloud architecture. IEEE Int. Things J. 7, 3559–3571 (2020)

    Article  Google Scholar 

  86. Rezapour, A., Tzeng, W.-G.: Rl-shield: mitigating target link-flooding attacks using sdn and deep reinforcement learning routing algorithm. IEEE Trans. Depend. Secure Comput. 19, 1–17 (2022)

    Article  Google Scholar 

  87. ur Rasool, R., Ashraf, U., Ahmed, K., Wang, H., Rafique, W., Anwar, Z.: Cyberpulse: a machine learning based link flooding attack mitigation system for software defined networks. IEEE Access 34, 885–900 (2019)

    Google Scholar 

  88. Ahuja, N., Singal, G., Mukhopadhyay, D.: Dlsdn: Deep learning for ddos attack detection in software defined networking. 11th International Conference on Cloud Computing, Data Science & Engineering (Confluence), (2021)

  89. Wang, J., Liu, J.: Deep learning for securing software-defined industrial internet of things: attacks and countermeasures. IEEE Int. Things J. 9, 1–11 (2022)

    Google Scholar 

  90. Soltani, S., Shojafar, M., Mostafaeit, H., Pooranian, Z., Tafazolli, R.: Link latency attack in software-defined networks. 17th International Conference on Network and Service Management (CNSM), (2021)

  91. Wang, J., Tan, Y., Liu, J., Zhang, Y.: Topology poisoning attack in sdn-enabled vehicular edge network. IEEE Int. Things J. 7(10), 9563–9575 (2020)

    Article  Google Scholar 

  92. Mohammadi, R., Javidan, R., Conti, M.: Slicots: an sdn-based lightweight countermeasure for tcp syn flooding attacks. IEEE Trans. Net. Service Manag. 14, 487–498 (2017)

    Article  Google Scholar 

  93. Chen, M.-H., Ciou, J.-Y., Chung, I.-H., Chou, C.-F.: Flexprotect: a sdn-based ddos attack protection architecture for multi-tenant data centers.In: Proceedings of International Conference on High Performance Computing Asia-Pacific Region., pp. 1-6, (2018)

  94. Boite, J., Nardin, P.-A., Rebecchi, F., Bouet, M., Conan, V.: Statesec: stateful monitoring for ddos protection in software defined networks. Paper presented at: 2017 IEEE Conference on Network Softwarization (NetSoft), vol. Bologna, Italy, pp. 1-6, (2017)

  95. Varghese, J.E., Muniyal, B.: An efficient ids framework for ddos attacks in sdn environment. IEEE Access 69, 680–700 (2021)

    Google Scholar 

  96. Xu, Y., Sun, H., aand Shijin Sun, F. X.: Efficient ddos detection based on k-fknn in software defined networks. IEEE Access 7, 160–547 (2019)

    Google Scholar 

  97. Novaes, M.P., Carvalho, L.F., Lloret, J., Proença, M.L.: Long short-term memory and fuzzy logic for anomaly detection and mitigation in software-defined network environment. IEEE Access 8, 83–765 (2020)

    Article  Google Scholar 

  98. Hussain, J., Hnamte, V.: Novel three-tier intrusion detection and prevention system in software defined network. IEEE Access 109, 662–677 (2020)

    Google Scholar 

  99. Gkounis, D., Kotronis, V., Liaskos, C., Dimitropoulos, X.: On the interplay of link-flooding attacks and traffic engineering. SIGCOMM Comput. Commun. Rev. 46(2), 5–11 (2016)

    Article  Google Scholar 

  100. Ahuja, N., Singal, G., Mukhopadhyay, D.: Ddos attack sdn dataset,” https://data.mendeley.com/datasets/jxpfjc64kr/1, 2020

  101. Xiang, S., Zhu, H., Xiao, L., Xie, W.: Modeling and verifying topoguard in openflow-based software defined networks. In: Proceedings of 2018 International Symposium on Theoretical Aspects of Software Engineering (TASE). pp. 84-91, (2018)

  102. Skowyra, R., Xu, L., Gu, G., Dedhia, V., Hobson, T., Okhravi, H., Landry, J.: 2018 Effective topology tampering attacks and defenses in software-defined networks. In: Proceeding of 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 374-386,

  103. Deng, S., Gao, X., Lu, Z., Gao, X.: Packet injection attack and its defense in software-defined networks. IEEE Trans. Inf. Forensics Secur. 13(3), 695–705 (2018)

    Article  Google Scholar 

  104. Phan, T.V., Bauschert, T.: Deepair: deep reinforcement learning for intrusion response in software-defined networks. IEEE Trans. Net. Service Manag. 19, 1–12 (2022)

    Google Scholar 

  105. Razib, M.A., Javeed, D., Khan, M.T., Alkanhel, R., Muthanna, M.S.A.: Cyber threats detection in smart environments using sdn-enabled dnn-lstm hybrid framework. IEEE Access 10, 1–12 (2022)

    Article  Google Scholar 

  106. Tu, Z., Zhou, H., Li, K., Li, M., Tian, A.: An energy-efficient topology design and ddos attacks mitigation for green software-defined satellite network. IEEE Access 211, 434–451 (2020)

    Google Scholar 

  107. Javeed, D., Gao, T., Khan, M.T., Ahmad, I.: A hybrid deep learning-driven sdn enabled mechanism for secure communication in internet of things (iot). Sensors 21(14), 48–84 (2021)

    Article  Google Scholar 

  108. Garg, S., Kaur, K., Kumar, N., Rodrigues, J.J.: Hybrid deep-learning-based anomaly detection scheme for suspicious flow detection in sdn: a social multimedia perspective. IEEE Trans. Multimedia 21(3), 566–578 (2019)

    Article  Google Scholar 

  109. Hu, D., Hong, P., Chen, Y.: 2017 Fadm: Ddos flooding attack detection and mitigation system in software-defined networking. GLOBECOM 2017-2017 IEEE Global Communications Conference. IEEE, pp. 1-7, (2017)

  110. Li, C., Wu, Y., Yuan, X., Sun, Z., Wang, W., Li, X., Gong, L.: Detection and defense of ddos attack-based on deep learning in openflow-based sdn. Int. J. Commun. Syst. 31(5), 1–20 (2018)

    Article  Google Scholar 

  111. Shafi, Q., Basit, A., Qaisar, S., Koay, A., Welch, I.: Fog-assisted sdn controlled framework for enduring anomaly detection in an iot network. IEEE Access 73, 713–724 (2018)

    Google Scholar 

  112. Yue, M., Wang, H., Liu, L., Wu, Z.: Detecting dos attacks based on multi-features in sdn. IEEE Access 8, 104–688 (2020)

    Article  Google Scholar 

  113. Ali, A., Yousaf, M. M.: Deep learning based intrusion detection system : software defined network. Asian Conference on Innovation in Technology (ASIANCON), (2021)

  114. Elsayed, M.S., Le-Khac, N.-A., Dev, S., Jurcut, A.D., Ddosnet: A deep-learning model for detecting network attacks, in,: IEEE 21st International Symposium on A World of Wireless, Mobile and Multimedia Networks"(WoWMoM). IEEE 2020, 391-396 (2020)

  115. ElSayed, M.S., Le-Khac, N.-A., Azer, M.A., Jurcut, A.D.: A flow based anomaly detection approach with feature selection method against ddos attacks in sdns. IEEE Trans. Cognitive Commun. 8, 1–20 (2022)

    Google Scholar 

  116. Scaranti, G.F., Carvalho, L.F., Proenca, M.L.: Artificial immune systems and fuzzy logic to detect flooding attacks in software-defined networks. IEEE Access 100, 172–185 (2020)

    Google Scholar 

  117. Ahuja, N., Singal, G., Mukhopadhyay, D., Kumar, N.: Automated ddos attack detection in software defined networking. J. Netw. Comput. Appl. 187, 1–20 (2021)

    Article  Google Scholar 

  118. Novaes, M.P., Carvalho, L.F., Lloret, J., Jr., M. L. P.: Adversarial deep learning approach detection and defense against ddos attacks in sdn environments. Fut. Gene. Comput. Syst. 125, 1–20 (2021)

    Google Scholar 

  119. Peng, H., Sun, Z., Zhao, X., Tan, S., Sun, Z.: A detection method for anomaly flow in software defined network. IEEE Access 27, 809–818 (2018)

    Google Scholar 

  120. He, D., Chan, S., Ni, X., Guizani, M.: Software-defined-networking-enabled traffic anomaly detection and mitigation. IEEE Int. Things J. 4, 1890–1899 (2017)

    Article  Google Scholar 

  121. Li, Q., Liu, Y., Liu, Z., Pang, C.: Efficient forwarding anomaly detection in software-defined networks. IEEE Transacctions on Parallel and Distributed Systems. 32, 2676–1697 (2021)

    Article  Google Scholar 

  122. Dhawan, M., Poddar, R., Mahajan, K., Mann, V.: Sphinx: detecting security attacks in software-defined networks. Ndss 15, 8–11 (2015)

    Google Scholar 

  123. Musumeci, F., Fidanci, A.C., Paolucci, F., Cugini, F., Tornatore, M.: Machine-learning-enabled ddos attacks detection in p4 programmable networks. J. Net. Syst. Manag. vol. 30(21), 1–27 (2022)

    Google Scholar 

  124. Zhang, X., Cui, L., Tso, F.P., Jia, W.: pheavy: predicting heavy flows in the programmable data plane. IEEE Trans. Netw. Serv. Manage. 18(4), 4353–4365 (2021)

    Article  Google Scholar 

  125. da Silveira Ilha, A., Cardoso Lapolli, Â., Marques, J.A., Gaspary, L.P.: Euclid: a fully in-network, p4-based approach for real-time ddos attack detection and mitigation. IEEE Trans. Net. Serv. Manag. 18(3), 3121–3140 (2021)

    Article  Google Scholar 

  126. The caida ucsd anonymized internet traces 2016. [Online]. Available: https://www.caida.org/data/passive/passive_2016_dataset.xml

  127. The caida ucsd ddos attack 2007 dataset. [Online]. Available: ttp://www.caida.org/data/passive/ddos-20070804_dataset.xml

  128. Shin, S., Gu, G.: Attacking software-defined networks: A first feasibility study. In: Proc. Second ACM SIGCOMM Work. Hot Top. Softw. Defin. Netw., pp. 165-166, (2013)

  129. Klöti, R., Kotronis, V., Smith, P.: Openflow: a security analysis. In Proceedings of International Conference on Network Protocols (ICNP), pp. 1-6, (2013)

  130. Zhang, M., Hou, J., Zhang, Z., Shi, W., Qin, B., Liang, B., Fine-grained fingerprinting threats to software-defined networks, in,: IEEE Trustcom/BigDataSE/ICESS. IEEE 2017, 128–135 (2017)

  131. Sonchack, J., Aviv, A. J., Keller, E.: Timing sdn control planes to infer network configurations In Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, pp. 19–22 , (2016)

  132. Gao, B.X.S., Li, Z., Wei, G.: Security threats in the data plane of software-defined networks. IEEE Netw. 32(4), 108–113 (2018)

    Article  Google Scholar 

  133. Farhin, F., Sultana, I., Islam, N., Kaiser, M.S., Rahman, M.S., Mahmud, M.: Attack detection in internet of things using software defined network and fuzzy neural network. IEEE Trans. Industr. Inf. 18(1), 467–476 (2021)

    Google Scholar 

  134. Krishnan, P., Duttagupta, S., Achuthan, K.: Varman: multi-plane security framework for software defined networks. Comput. Commun. 148, 215–239 (2019)

    Article  Google Scholar 

  135. Ahuja, N., Singal, G., Mukhopadhyay, D., Nehra, A.: Ascertain the efficient machine learning approach to detect different arp attacks. Comput. Elect. Eng. 99, 107757 (2022)

    Article  Google Scholar 

  136. Lee, C., Yoon, C., Shin, S., Cha, S.: Indago: a new framework for detecting malicious sdn applications. In: Proceedings of 2018 IEEE 26th International Conference on Network Protocols (ICNP), pp. 220-230, (2018)

  137. Cao, J., Li, Q., Xie, R., Sun, K., Gu, G., Xu, M., Yang, Y.: The crosspath attack: disrupting the sdn control channel via shared links. In: Proceedings of 28th USENIX Security Symposium, pp. 1-18, (2019)

  138. Khamaiseh, S., Serra, E., Li, Z., Xu, D.: Detecting saturation attacks in sdn via machine learning. 4th International Conference on Computing, Communications and Security (ICCCS), (2019)

  139. Divekar, M. P., Savla, V., Mishra, R., Shirole, M.: Benchmarking datasets for anomaly-based network intrusion detection: Kdd cup 99 alternatives. Proc. IEEE 3rd Int. Conf. Comput., Commun. Secur. (ICCCS), pp. 1-8, (2018)

  140. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A. A.: A detailed analysis of the kdd cup 99 data set. In Proc. IEEE Symp. Comput. Intell. Secur. Defense Appl., pp. 1-6, (2009)

  141. Shiravi, H., Shiravi, M.T., Ghorbani, A.A.: Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput. Security 31, 357–374 (2012)

    Article  Google Scholar 

  142. Moustaf, N., Slay, J.: The evaluation of network anomaly detection systems: statistical analysis of the unsw-nb15 data set and the comparison with the kdd99 data set. Inform. Security J. 25, 18–31 (2016)

    Google Scholar 

  143. Kolias, C., Kambourakis, G., Stavrou, A., Gritzalis, S.: Intrusion detection in 802.11 networks: empirical evaluation of threats and a public dataset. IEEE Commun. Surveys Tuts. 18, 184–208 (2016)

    Article  Google Scholar 

  144. Sharafaldin, A., Lashkari, H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. Proc. ICISSP. 1, 108–116 (2018)

    Google Scholar 

  145. of Cybersecurity, C. I.: Cse-cic-ids2018. Accessed July 10, 2022, [Online]

  146. Ring, M., Wunderlich, S., Grüdl, D., Landes, D., Hotho, A.,: “Flow-based benchmark data sets for intrusion detection. In: Eur. Conf. Inf. Warf. Secur. ECCWS, pp. 361-369, 2017

  147. Sharafaldin, A. H., Lashkari, S. H., Ghorbani, A. A.: Developing realistic distributed denial of service (ddos) attack dataset and taxonomy. In Proc. Int. Carnahan Conf. Secur. Technol. (ICCST), pp. 1–8, (2019)

  148. Song, H. T., Okabe, Y.: Description of kyoto university benchmark data, (2006)

  149. ElSayed, M. S., Le-Khac, N.-A., Jorcot, A. D. : Insdn: a novel sdn intrusion dataset. IEEE Access, pp. 165-623, (2020)

  150. Garg, S., Singh, A., Aujla, G.S., Kaur, S., Batra, S., Kumar, N.: Probabilistic data structures-based anomaly detection scheme for software-defined internet of vehicles. IEEE Trans. Intell. Transport. Syst. 22, 3557–3567 (2021)

    Article  Google Scholar 

  151. Wang, B., Sun, Y., Xu, X.: A scalable and energy-efficient anomaly detection scheme in wireless sdn-based mmtc networks for iot. IEEE Int. Things J. 8, 1388–1406 (2021)

    Article  Google Scholar 

  152. Yin, D., Zhang, L., Yang, K.: A ddos attack detection and mitigation with software-defined internet of things framework. IEEE Access 24, 606–624 (2018)

    Google Scholar 

  153. Assis, M.V.O.D., Hamamoto, A.H., Abrao, T., Proenca, M.L.: A game theoretical based system using holt-winters and genetic algorithm with fuzzy logic for dos/ddos mitigation on sdn networks. IEEE Access 5, 9485–9497 (2017)

    Article  Google Scholar 

  154. Ravi, N., Shalinie, S.M., Theres, D.D.J.: Balance: Link flooding attack detection and mitigation via hybrid-sdn. IEEE Trans. Netw. Serv. Manage. 17(3), 1715–1730 (2020)

    Article  Google Scholar 

  155. Kumar, P., Tripathi, M., Nehra, A., Conti, M., Lal, C.: Safety: early detection and mitigation of tcp syn flood utilizing entropy in sdn. IEEE Trans. Net. Service Manag. 15, 1545–1560 (2018)

    Article  Google Scholar 

  156. Aliyu, I., Feliciano, M.C., Engelenburg, S.V., Kim, D.O., Lim, C.G.: A blockchain-based federated forest for sdn-enabled in-vehicle network intrusion detection system. IEEE Access 102, 593–619 (2021)

    Google Scholar 

  157. Li, J., Zhao, Z., Li, R., Zhang, H.: Ai-based two-stage intrusion detection for software defined iot networks. IEEE Int. Things J. 6, 2093–2103 (2019)

    Article  Google Scholar 

  158. Segura, G.A.N., Chorti, A., Margi, C.B.: Centralized and distributed intrusion detection for resource-constrained wireless sdn networks. IEEE Int. Things J. 9, 7746–7759 (2022)

    Article  Google Scholar 

  159. Janabi, A.H., Kanakis, T., Johnson, M.: Overhead reduction technique for software-defined network based intrusion detection systems. IEEE Access 66, 481–492 (2022)

    Google Scholar 

  160. Bagaa, M., Taleb, T., Bernabe, J.B., Skarmeta, A.: A machine learning security framework for iot systems. IEEE Access 114, 066–078 (2020)

    Google Scholar 

  161. Raja, G., Anbalagan, S., Vijayaraghavan, G., Dhanasekaran, P., Al-Otaibi, Y.D., Bashir, A.K.: Energy-efficient end-to-end security for software-defined vehicular networks. IEEE Trans. Industrial Informatics 17, 5730–5738 (2021)

    Article  Google Scholar 

  162. Assis, M. V. O. D., Novaes, M. P., . Zerbini, C. B, Carvalho, L. F., Abrao, T., Jr, M. L. P.: “Fast defense system against attacks in software defined networks,” IEEE Access, pp. pp. 69 620–69 640, 2018

  163. Zhou, Y., Cheng, G., Yu, S.: “An sdn-enabled proactive defense framework for ddos mitigation in iot networks,” IEEE Transactions on Information Forensics and Security, pp. pp. 5366–5381, 2021

  164. Vishwakarma, L., Nahar, A., Das, D.: “Lbsv: Lightweight blockchain security protocol for secure storage and communication in sdn-enabled iov,” IEEE Transactions on Vehicular Technology, pp. pp. 5983–5995, 2022

  165. L. F. M. et al.,: “A self-adaptive deep learning-based system for anomaly detection in 5g networks,” IEEE Access, vol. 6, pp. pp. 7700–7712, 2018

  166. Sahoo, D., Pham, Q., Lu, J., Hoi, S. C.: “Online deep learning: Learning deep neural networks on the fly,” arXiv preprint arXiv:1711.03705, 2017

  167. Tan, C., Sun, F., Kong, T., Zhang, W., ang, C. Y, Liu, C.: “A survey on deep transfer learning,” in International conference on artificial neural networks. Springer, 2018, pp. 270–279

  168. Alonso, R. S., Sittón-Candanedo, I., Casado-Vara, R., Prieto, J., Corchado, J. M.: “Deep reinforcement learning for the management of software-defined networks in smart farming,” in 2020 International Conference on Omni-layer Intelligent Systems (COINS). IEEE, 2020, pp. 1–6

  169. Phan, T. V., Sultana, S., Nguyen, T. G., Bauschert, T.: “\(q\)-transfer: A novel framework for efficient deep transfer learning in networking,” in 2020 International Conference on Artificial Intelligence in Information and Communication (ICAIIC). IEEE, 2020, pp. 146–151

  170. R. S. et al.:, “Mdp and machine learning-based cost-optimization of dynamic resource allocation for network function virtualization,” In: Proceedings of IEEE International Conference on Service Computing, pp. pp. 65–73, 2015

Download references

Funding

The work in this study was supported in part by the NSF grants 2019164, 2145742, and 2007789.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, University of Nevada, Reno, USA

    Roya Taheri, Habib Ahmed & Engin Arslan

Authors
  1. Roya Taheri
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Habib Ahmed
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Engin Arslan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Engin Arslan.

Ethics declarations

Competing Interests

The authors have not disclosed any competing interests

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Taheri, R., Ahmed, H. & Arslan, E. Deep learning for the security of software-defined networks: a review. Cluster Comput 26, 3089–3112 (2023). https://doi.org/10.1007/s10586-023-04069-9

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-023-04069-9

Keywords

Search

Navigation