Abstract
Software-defined networking (SDN) is a network architecture. It is becoming more popular due to its centralized network administration, adaptability, and speed. However, the centralized structure of SDN architecture makes assaults more prevalent. The attacks affect normal users by draining server resources, reducing internet speed, and occupying memory on controllers and switches. Therefore, security for SDN is essential. Most of the existing attack detection methods for SDN are based on statistical and machine learning-based techniques. In statistical techniques, determining an accurate threshold is difficult due to dynamic nature of the network flow. For machine learning-based techniques, it can be difficult to identify a suitable feature that can distinguish assaults from regular traffic. Therefore, this work presents an effective deep learning-based framework to identify network threats in SDN. This framework comprises a data augmentation generative adversarial network (DAGAN), Xception, and improved ShuffleNetV2 models. First, DAGAN is used to increase data samples and reduce class imbalance problem in the dataset. Then, Xception network extracts the essential features, and finally, intrusions are identified and categorized using an improved ShuffleNetV2 network. When a network intrusion is discovered, the suggested defense mechanism is turned on to restore normal network connectivity quickly. Several tests are carried out on two SDN-based datasets, and our proposed approach surpasses existing models by achieving 89.63% and 98.96% accuracy for InSDN and Ton-IoT datasets, respectively. Additionally, our suggested model delivers a fair trade-off between recall and precision that qualifies it for attack categorization.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Data availability
Data will be available on request.
References
Maddu, M., Rao, Y.N.: Network intrusion detection and mitigation in SDN using deep learning models. Int. J. Inf. Secur. (2023). https://doi.org/10.1007/s10207-023-00771-2
Shaji, N.S., Muthalagu, R., Pawar, P.M.: SD-IIDS: intelligent intrusion detection system for software-defined networks. Multimed. Tools Appl. (2023). https://doi.org/10.1007/s11042-023-15725-y
Kumar, C., Biswas, S., Ansari, M.S.A., Govil, M.C.: Nature-inspired intrusion detection system for protecting software-defined networks controller. Comput. Secur. 134, 103438 (2023). https://doi.org/10.1016/j.cose.2023.103438
Hormozi, M., Erfani, S.H.: An SDN-based DDoS defense approach using route obfuscation. Concurren. Computat. Practice Exp. 35(1), e7439 (2023). https://doi.org/10.1002/cpe.7439
Jin, Z., Zhou, J., Li, B., Wu, X., Duan, C.: FL-IIDS: a novel federated learning-based incremental intrusion detection system. Futur. Gener. Comput. Syst. 151, 57–70 (2024). https://doi.org/10.1016/j.future.2023.09.019
Hnamte, V., Hussain, J.: An efficient DDoS attack detection mechanism in SDN environment. Int J Inf Technol. (2023). https://doi.org/10.21203/rs.3.rs-2393388/v2
Ariffin, S.H., Le Chong, J., Latif, N.M.A.A., Abd Malik, N.N.N., Baharudin, M.A., Syed-Yusof, S.K., Yusof, K.M.: Intrusion detection system (IDS) accuracy testing for software defined network internet of things (SDN-IOT) testbed. ELEKTRIKA-J. Electric. Eng. 21(3), 23–27 (2022). https://doi.org/10.11113/elektrika.v21n3.361
Chowdhury, R., Sen, S., Roy, A., Saha, B.: An optimal feature based network intrusion detection system using bagging ensemble method for real-time traffic analysis. Multimed. Tools Appl. 81(28), 41225–41247 (2022). https://doi.org/10.1007/s11042-022-12330-3
Suresh Babu, D., Ramakrishnan, M.: Enhanced lion optimization algorithm and deep belief network for intrusion detection with SDN enabled IoT networks. J. Intell. Fuzzy Syst. (2023). https://doi.org/10.3233/JIFS-232532
Tayfour, O.E., Mubarakali, A., Tayfour, A.E., Marsono, M.N., Hassan, E., Abdelrahman, A.M.: Adapting deep learning-LSTM method using optimized dataset in SDN controller for secure IoT. Soft Comput. (2023). https://doi.org/10.1007/s00500-023-08348-w
Ahalawat, A., Babu, K.S., Turuk, A.K., Patel, S.: A low-rate DDoS detection and mitigation for SDN using Renyi entropy with packet drop. J. Inf. Secur. Appl. 68, 103212 (2022). https://doi.org/10.1016/j.jisa.2022.103212
Yungaicela-Naula, N.M., Vargas-Rosales, C., Pérez-Díaz, J.A.: Sdn/nfv-based framework for autonomous defense against slow-rate ddos attacks by using reinforcement learning. Futur. Gener. Comput. Syst. 149, 637–649 (2023). https://doi.org/10.1016/j.future.2023.08.007
Swami, R., Dave, M., Ranga, V.: Mitigation of DDoS attack using moving target defense in SDN. Wireless Personal Commun. (2023). https://doi.org/10.1007/s11277-023-10544-8
Jadhav, K.P., Arjariya, T., Gangwar, M.: Hybrid-Ids: an approach for intrusion detection system with hybrid feature extraction technique using supervised machine learning. Int. J. Intell. Syst. Appl. Eng. 11(5s), 591–597 (2023)
Hammad, M., Hewahi, N., Elmedany, W.: Enhancing network intrusion recovery in SDN with machine learning: an innovative approach. Arab J. Basic Appl. Sci. 30(1), 561–572 (2023). https://doi.org/10.1080/25765299.2023.2261219
Qureshi, S.S., He, J., Qureshi, S., Zhu, N., Zardari, Z.A., Mahmood, T., Wajahat, A.: SDN-enabled deep learning based detection mechanism (DDM) to tackle DDoS attacks in IoTs. J. Intell. Fuzzy Syst. 44(6), 10675–10687 (2023). https://doi.org/10.3233/JIFS-220932
Huang, H., Li, T., Ding, Y., Li, B., Liu, A.: An artificial immunity based intrusion detection system for unknown cyberattacks. Appl. Soft Comput. 148, 110875 (2023). https://doi.org/10.1016/j.asoc.2023.110875
Chowdhury, R., Sen, S., Goswami, A., Purkait, S., Saha, B.: An implementation of bi-phase network intrusion detection system by using real-time traffic analysis. Expert Syst. Appl. 224, 119831 (2023). https://doi.org/10.1016/j.eswa.2023.119831
Tang, D., Gao, C., Li, X., Liang, W., Xiao, S., Yang, Q.: A detection and mitigation scheme of LDoS Attacks via SDN Based on the FSS-RSR Algorithm. IEEE Trans. Netw. Sci. Eng. (2023). https://doi.org/10.1109/TNSE.2023.3236970
Priyadarshini, I., Mohanty, P., Alkhayyat, A., Sharma, R., Kumar, S.: SDN and application layer DDoS attacks detection in IoT devices by attention-based Bi-LSTM-CNN. Trans. Emerg. Telecommun. Technol. (2023). https://doi.org/10.1002/ett.4758
Ali, T.E., Chong, Y.W., Manickam, S.: Comparison of ML/DL Approaches for Detecting DDoS Attacks in SDN. Appl. Sci. 13(5), 3033 (2023). https://doi.org/10.3390/app13053033
Logeswari, G., Bose, S., Anitha, T.: An intrusion detection system for sdn using machine learning. Intell. Automat. Soft. Comput 35(1), 867–880 (2023). https://doi.org/10.32604/iasc.2023.026769
Saritha Reddy, A., Ramasubba Reddy, B., Suresh Babu, A.: An improved intrusion detection system for SDN using multistage optimized deep forest classifier. Int. J. Comput. Sci. Netw. Secur. 22(4), 374–386 (2022). https://doi.org/10.22937/IJCSNS.2022.22.4.44
Khedr, W.I., Gouda, A.E., Mohamed, E.R.: FMDADM: a multi-layer DDoS attack detection and mitigation framework using machine learning for stateful SDN-based IoT networks. IEEE Access 11, 28934–28954 (2023). https://doi.org/10.1109/ACCESS.2023.3260256
Chaganti, R., Suliman, W., Ravi, V., Dua, A.: Deep learning approach for SDN-enabled intrusion detection system in IoT networks. Information 14(1), 41 (2023). https://doi.org/10.3390/info14010041
Ravi, V., Chaganti, R., Alazab, M.: Deep learning feature fusion approach for an intrusion detection system in SDN-based IoT networks. IEEE Internet of Things Magazine 5(2), 24–29 (2022). https://doi.org/10.1109/IOTM.003.2200001
Chen, L., Wang, Z., Huo, R., Huang, T.: An adversarial DBN-LSTM method for detecting and defending against DDoS attacks in SDN environments. Algorithms 16(4), 197 (2023). https://doi.org/10.3390/a16040197
Safwan, H., Iqbal, Z., Amin, R., Khan, M.A., Alhaisoni, M., Alqahtani, A., Chang, B.: An IoT environment based framework for intelligent intrusion detection. CMC-Comput. Mater. Continua 75(2), 2365–2381 (2023). https://doi.org/10.32604/cmc.2023.033896
ElSayed, M.S., Le-Khac, N.A., Albahar, M.A., Jurcut, A.: A novel hybrid model for intrusion detection systems in SDNs based on CNN and a new regularization technique. J. Netw. Comput. Appl. 191, 103160 (2021). https://doi.org/10.1016/j.jnca.2021.103160
Duy, P.T., Khoa, N.H., Do Hoang, H., Pham, V.H.: Investigating on the robustness of flow-based intrusion detection system against adversarial samples using generative adversarial networks. J. Inf. Secur. Appl. 74, 103472 (2023). https://doi.org/10.1016/j.jisa.2023.103472
Friha, O., Ferrag, M.A., Shu, L., Maglaras, L., Choo, K.K.R., Nafaa, M.: FELIDS: federated learning-based intrusion detection system for agricultural Internet of Things. J. Parallel Distrib. Comput. 165, 17–31 (2022). https://doi.org/10.1016/j.jpdc.2022.03.003
Aouedi, O., Piamrat, K.: F-BIDS: federated-blending based intrusion detection system. Pervasive Mob. Comput. 89, 101750 (2023). https://doi.org/10.1016/j.pmcj.2023.101750
Elsayed, R.A., Hamada, R.A., Abdalla, M.I., Elsaid, S.A.: Securing IoT and SDN systems using deep-learning based automatic intrusion detection. Ain Shams Eng. J. 14(10), 102211 (2023). https://doi.org/10.1016/j.asej.2023.102211
Sarhan, M., Layeghy, S., Moustafa, N., Gallagher, M., Portmann, M.: Feature extraction for machine learning-based intrusion detection in IoT networks. Dig. Commun. Netw. (2022). https://doi.org/10.1016/j.dcan.2022.08.012
Amaouche, S., Guezzaz, A., Benkirane, S., Azrour, M., Khattak, S.B.A., Farman, H., Nasralla, M.M.: FSCB-IDS: feature selection and minority class balancing for attacks detection in VANETS. Appl. Sci. 13(13), 7488 (2023). https://doi.org/10.3390/app13137488
Gad, A.R., Nashat, A.A., Barkat, T.M.: Intrusion detection system using machine learning for vehicular ad hoc networks based on ToN-IoT dataset. IEEE Access 9, 142206–142217 (2021). https://doi.org/10.1109/ACCESS.2021.3120626
Altaf, T., Wang, X., Ni, W., Yu, G., Liu, R.P., Braun, R.: A new concatenated multigraph neural network for IoT intrusion detection. Internet Things 22, 100818 (2023). https://doi.org/10.1016/j.iot.2023.100818
Acknowledgements
We declare that this manuscript is original, has not been published before and is not currently being considered for publication elsewhere.
Author information
Authors and Affiliations
Contributions
The author confirms sole responsibility for the following: study conception and design, data collection, analysis and interpretation of results, and manuscript preparation.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Ethics approval
This material is the authors’ own original work, which has not been previously published elsewhere. The paper reflects the authors’ own research and analysis in a truthful and complete manner.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Rao, D.S., Emerson, A.J. Cyberattack defense mechanism using deep learning techniques in software-defined networks. Int. J. Inf. Secur. 23, 1279–1291 (2024). https://doi.org/10.1007/s10207-023-00785-w
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-023-00785-w