Skip to main content
SpringerLink
Log in

Performance Analysis of SDN-Based Intrusion Detection Model with Feature Selection Approach

  • Conference paper
  • First Online:
Proceedings of International Joint Conference on Computational Intelligence

Part of the book series: Algorithms for Intelligent Systems ((AIS))

Abstract

Generally, there are two types of approaches available for the detection of networks attacks, namely signature based and anomaly based. In this work, we will analyze the performance of anomaly-based detection model in SDN with the help of some common machine learning algorithms and feature selection mechanisms. We construct a mechanism of machine learning model for an intrusion detection system and train the model with the NSL-KDD Data set using feature selection technique. In order to enhance the performance of the classifier, some feature selection methods have been applied as a prepossessing of the data set. We have used five feature selection methods, namely Info Gain, Gain Ratio, CFS Subset Evaluator, Symmetric Uncertainty, and Chi-square test. A full data set of 41 features and a reduced data set after applying feature selection method has been experimented. A data set with feature selection ensures the highest accuracy with Random Forest classifier using Gain Ratio feature selection Evaluator.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Software Defined Networking Definition. Available. https://www.opennetworking.org/sdn-definition. Accessed 16 May 2017

  2. McKeown N, Anderson T, Balakrishnan H et al (2008) OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev 38(2):69–74

    Article  Google Scholar 

  3. Open Networking Foundation, ONF SDN Evolution. Available. http://3vf60mmveq1g8vzn48q2o71a-wpengine.netdna-ssl.com/wp-content/uploads/2013/05/TR-535-ONF-SDN-Evolution.pdf. Accessed 25 Feb 2018

  4. Jain S, Kumar A, Mandal S, Ong J, Poutievski L, Singh A, Venkata S, Wanderer J, Zhou J, Zhu M et al (2013) B4: experience with a globally-deployed software defined wan. ACM SIGCOMM Comput Commun Rev 43(4):3–14

    Article  Google Scholar 

  5. C. T. Huawei Press Centre and H. unveil world’s first commercial deployment of SDN in carrier networks. Available. http://pr.huawei.com/en/news/hw-332209-sdn.htm. Accessed 28 Feb 2018

  6. Gude N, Koponen T, Pettit J, Pfaff B, Casado M, McKeown N, Shenker S (2008) Nox: towards an operating system for networks. ACM SIGCOMM Comput Commun Rev 38(3):105–110

    Article  Google Scholar 

  7. Ryu. Available. http://osrg.github.io/ryu. Accessed 06 March 2018

  8. Erickson D (2013) The Beacon OpenFlow controller. In: Proceedings of the second ACM SIGCOMM workshop on hot topics in software defined networking. ACM, pp 13–18

    Google Scholar 

  9. OpenDaylight: a Linux foundation collaborative project. Available. http://www.opendaylight.org. Accessed 11 March 2018

  10. Floodlight. Available. http://www.projectfloodlight.org. Accessed 15 March 2018

  11. Jadidi Z, Muthukkumarasamy V, Sithirasenan E, Sheikhan M (2013) Flow-based anomaly detection using neural network optimized with gsa algorithm. In: 2013 IEEE 33rd international conference on distributed computing systems workshops, pp 76–81

    Google Scholar 

  12. Winter P, Hermann E, Zeilinger M (2011) Inductive intrusion detection in flow-based network data using one-class support vector machines. In: 2011 4th IFIP international conference on new technologies, mobility and security (NTMS). IEEE, pp 1–5

    Google Scholar 

  13. Mehdi SA, Khalid J, Khayam SA (2011) Revisiting traffic anomaly detection using software defined networking. In: International workshop on recent advances in intrusion detection. Springer, pp 161–180

    Google Scholar 

  14. Braga R, Mota E, Passito A (2010) Lightweight ddos flooding attack detection using nox/openflow. In: 2010 IEEE 35th conference on local computer networks (LCN). IEEE, pp 408–415

    Google Scholar 

  15. Kokila R, Selvi ST, Govindarajan K (2014) Ddos detection and analysis in sdn-based environment using support vector machine classifier. In: 2014 sixth international conference on advanced computing (ICoAC). IEEE, pp 205–210

    Google Scholar 

  16. Phan TV, Van Toan T, Van Tuyen D, Huong TT, Thanh NH (2016) Openflowsia: an optimized protection scheme for software-defined networks from flooding attacks. In: 2016 IEEE sixth international conference on communications and electronics (ICCE). IEEE, pp 13–18

    Google Scholar 

  17. Tang T, Mhamdi L, McLernon D, Zaidi SAR, Ghogho M (2016) Deep learning approach for network intrusion detection in software defined networking. In: 2016 International conference on wireless networks and mobile communications (WINCOM) (WINCOM16), Fez, Morocco, Oct 2016

    Google Scholar 

  18. Louridas P, Ebert C (2016) Machine learning. IEEE Softw 33(5):110–115

    Article  Google Scholar 

  19. Meng YX (2011) The practice on using machine learning for network anomaly intrusion detection. In: International conference on machine learning and cybernetics (ICMLC), vol 2. IEEE, pp 576–581

    Google Scholar 

  20. Tavallaee M, Bagheri E, Lu W, Ghorbani A-A (2009) A detailed analysis of the kdd cup 99 data set. In: Proceedings of the second IEEE symposium on computational intelligence for security and defence applications

    Google Scholar 

  21. WEKA. Data Mining Machine Learning Software [Available Online]. http://www.cs.waikato.ac.nz/ml/weka. Accessed 11 May 2018

  22. Ingre B, Yadav A (2015) Performance analysis of NSL-KDD dataset using ANN. In: 2015 International conference on signal processing and communication engineering systems, Guntur, pp 92–96

    Google Scholar 

  23. Abubakar A, Pranggono B (2017) Machine learning based intrusion detection system for software defined networks. In: Proceedings of the 2017 eighth international conference on emerging security technologies (EST). IEEE

    Google Scholar 

  24. Ashraf J, Latif S (2014) Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques. In: 2014 national software engineering conference, Rawalpindi, pp 55–60

    Google Scholar 

  25. Dhanabal L, Shantharajah P (2015) A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. Int J Adv Res Comput Commun Eng 446–452

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Military Institute of Science and Technology, Dhaka, 1216, Bangladesh

    Samrat Kumar Dey & Md. Mahbubur Rahman

  2. Daffodil International University, Dhaka, 1207, Bangladesh

    Md. Raihan Uddin

Authors
  1. Samrat Kumar Dey
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Md. Raihan Uddin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Md. Mahbubur Rahman
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Samrat Kumar Dey .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Jahangirnagar University, Dhaka, Bangladesh

    Mohammad Shorif Uddin

  2. Department of Mathematics, South Asian University, New Delhi, Delhi, India

    Jagdish Chand Bansal

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Dey, S.K., Raihan Uddin, M., Mahbubur Rahman, M. (2020). Performance Analysis of SDN-Based Intrusion Detection Model with Feature Selection Approach. In: Uddin, M., Bansal, J. (eds) Proceedings of International Joint Conference on Computational Intelligence. Algorithms for Intelligent Systems. Springer, Singapore. https://doi.org/10.1007/978-981-13-7564-4_41

Download citation

Publish with us

Policies and ethics

Search

Navigation