Abstract
Traditional intrusion detection systems are insufficient to identify recent and modern sophisticated attempts with unpredictable patterns. The ability to reliably detect modern cyberattacks is vital. Current machine learning-based intrusion detection methods in the field of information technology cannot keep up with the exponential growth of network data and features. For the optimum and decreasing selection of high-dimensional incursion characteristics, deep convolutional neural networks (DCNN) can be an efficient approach. Traditional convolutional neural networks (CNN) are still limited to several parameters and are susceptible to local optimality. In this paper, we propose a DCNN model to detect attacks and test it on a Software Defined Network (SDN) environment. We use the InSDN dataset, specifically developed for the SDN environment. Additionally, the model has been trained using the CIC-IDS2017 and the CIC-DDoS2019 datasets to demonstrate the applicability of the model. Our model outperforms most of the recent attack detection methods and could achieve a 99.99% accuracy rate with only a 0.0016 loss rate.
Similar content being viewed by others
Data availability
The authors confirm that the dataset supporting the results of this study is available within the article on the reference number. Publicly available IDS datasets were used in this study. These datasets can be downloaded from https://aseados.ucd.ie/datasets/SDN/, https://www.unb.ca/cic/datasets/ids-2017.html and https://www.unb.ca/cic/datasets/ddos-2019.html.
Code availability
Evaluation and Experimental source code will be made available upon acceptance.
References
Novaes MP, Carvalho LF, Lloret J, Proença ML (2021) Adversarial deep learning approach detection and defense against DDoS attacks in SDN environments. Future Gener Comput Syst 125:156–167. https://doi.org/10.1016/j.future.2021.06.047
Kim J, Kim J, Kim H, Shim M, Choi E (2020) CNN-based network intrusion detection against denial-of-service attacks. Electronics 9(6):916. https://doi.org/10.3390/electronics9060916
Das T, Sridharan V, Gurusamy M (2020) A survey on controller placement in SDN. IEEE Commun Surv Tutor 22(1):472–503. https://doi.org/10.1109/COMST.2019.2935453
Chica JCC, Imbachi JC, Vega JFB (2020) Security in SDN: a comprehensive survey. J Netw Comput Appl 159:102595. https://doi.org/10.1016/j.jnca.2020.102595
Hussain J, Hnamte V (2021) Deep learning based intrusion detection system: software defined network. In: 2021 Asian Conference on Innovation in Technology (ASIANCON), pp 1–6. https://doi.org/10.1109/ASIANCON51346.2021.9544913
Hatcher WG, Yu W (2018) A survey of deep learning: platforms, applications and emerging research trends. IEEE Access 6:24411–24432. https://doi.org/10.1109/ACCESS.2018.2830661
Dridi L, Zhani MF (2016) SDN-Guard: DoS attacks mitigation in SDN networks. In: 2016 5th IEEE International Conference on cloud networking (Cloudnet), pp 212–217. https://doi.org/10.1109/CloudNet.2016.9
Bhushan K, Gupta BB (2019) Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment. J Ambient Intell Humaniz Comput 10(5):1985–1997. https://doi.org/10.1007/s12652-018-0800-9
Niyaz Q, Sun W, Javaid AY (2017) A deep learning based DDoS detection system in software-defined networking (SDN). EAI Endorsed Trans Secur Saf. https://doi.org/10.4108/eai.28-12-2017.153515
Hussain J, Hnamte V (2021) A novel deep learning based intrusion detection system : software defined network. In: 2021 International Conference on innovation and intelligence for informatics, computing, and technologies (3ICT), p 506–511. https://doi.org/10.1109/3ICT53449.2021.9581404
Wang H, Li W (2021) DDosTC: a transformer-based network attack detection hybrid mechanism in SDN. Sensors 21(15):5047. https://doi.org/10.3390/s21155047
Choobdar P, Naderan M, Naderan M (2022) Detection and multi-class classification of intrusion in software defined networks using stacked auto-encoders and cicids2017 dataset. Wirel Pers Commun 123(1):437–471. https://doi.org/10.1007/s11277-021-09139-y
Tang TA, Mhamdi L, McLernon D, Zaidi SAR, Ghogho M (2018) Deep recurrent neural network for intrusion detection in SDN-based networks. In: 2018 4th IEEE Conference on network softwarization and workshops (NetSoft), p 202–206. https://doi.org/10.1109/NETSOFT.2018.8460090
Abubakar A, Pranggono B (2017) Machine learning based intrusion detection system for software defined networks. In: 2017 Seventh International Conference on emerging security technologies (EST), p 138–143. https://doi.org/10.1109/EST.2017.8090413
Arora A, Gosain A (2021) Intrusion detection system for data warehouse with second level authentication. Int J Inf Technol 13:877–887. https://doi.org/10.1007/s41870-021-00659-1
Biswas P, Samanta T (2021) Anomaly detection using ensemble random forest in wireless sensor network. Int J Inf Technol 13(5):2043–2052. https://doi.org/10.1007/s41870-021-00717-8
Palumbo F, Gallicchio C, Pucci R, Micheli A (2016) Human activity recognition using multisensor data fusion based on reservoir computing. J Ambient Intell Smart Environ 8(2):87–107. https://doi.org/10.3233/ais-160372
Tripathi KN, Yadav AM, Sharma S (2022) DDOS: data dissemination with optimized and secured path using modified particle swarm optimization in vehicular communication network (vcn). Int J Inf Technol 14:1855–1868. https://doi.org/10.1007/s41870-021-00783-y
Najar AA, Manohar Naik S (2022) Ddos attack detection using mlp and random forest algorithms. Int J Inf Technol 14(5):2317–2327. https://doi.org/10.1007/s41870-022-01003-x
Tinubu C, Sodiya A, Ojesanmi O, Adeleke E, Adebowale A (2022) Dt-model: a classification model for distributed denial of service attacks and flash events. Int J Inf Technol 14(6):3077–3087. https://doi.org/10.1007/s41870-022-00946-5
Song D, Yuan X, Li Q, Zhang J, Sun M, Fu X, Yang L (2023) Intrusion detection model using gene expression programming to optimize parameters of convolutional neural network for energy internet. Appl Soft Comput 134:109960. https://doi.org/10.1016/j.asoc.2022.109960
Wong KKL, Fortino G, Abbott D (2020) Deep learning-based cardiovascular image diagnosis: a promising challenge. Future Gener Comput Syst 110:802–811. https://doi.org/10.1016/j.future.2019.09.047
Diro AA, Chilamkurti N (2018) Distributed attack detection scheme using deep learning approach for internet of things. Future Gener Comput Syst 82:761–768. https://doi.org/10.1016/j.future.2017.08.043
Elsayed MS, Le-Khac N-A, Jurcut AD (2020) InSDN: a novel SDN intrusion dataset. IEEE Access 8:165263–165284. https://doi.org/10.1109/ACCESS.2020.3022633
Sharafaldin I, Lashkari AH, Ghorbani AA (2018) Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1:108–116. https://doi.org/10.5220/0006639801080116
Panigrahi R, Borah S (2018) A detailed analysis of CICIDS2017 dataset for designing intrusion detection systems. Int J Eng Technol 7(3.24):479–482. https://doi.org/10.14419/ijet.v7i3.24.22797
Sharafaldin I, Lashkari AH, Hakak S, Ghorbani AA (2019) Developing Realistic Distributed Denial of Service (DDoS) Attack Dataset and Taxonomy. In: 2019 International Carnahan Conference on Security Technology (ICCST), p 1–8. https://doi.org/10.1109/CCST.2019.8888419
Powers D (2011) Evaluation: from precision, recall and F-measure to ROC, informedness, markedness & correlation. J Mach Learn Technol 2(1):37–63. https://doi.org/10.48550/arXiv.2010.16061
Acknowledgements
The authors wish to thanks Mizoram University for all the support and motivation for this research.
Author information
Authors and Affiliations
Contributions
Conceptualization, VH and JH; methodology, VH and JH; software, VH; validation, VH and JH; formal analysis, VH; investigation, VH; resources, VH; data curation, VH; writing—original draft preparation, VH; writing—review and editing, VH, JH; visualization, VH; supervision, JH; project administration, JH.
Corresponding author
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Hnamte, V., Hussain, J. An efficient DDoS attack detection mechanism in SDN environment. Int. j. inf. tecnol. 15, 2623–2636 (2023). https://doi.org/10.1007/s41870-023-01332-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s41870-023-01332-5