Mhamdi, L. orcid.org/0009-0000-6492-2088 and Isa, M.M. (2024) Securing SDN: Hybrid autoencoder-random forest for intrusion detection and attack mitigation. Journal of Network and Computer Applications, 225. 103868. ISSN 1084-8045
Abstract
Software Defined Networking (SDN) has revolutionized network administration by providing centralized management through software, enabling traffic adjustment independent of the data plane. Despite the benefits, SDN networks are prone to security threats from external sources, thus necessitating the implementation of security measures. Unfortunately, most existing efforts have been just a simple mapping of earlier solutions into the SDN environments. This paper addresses the problem of SDN security based on deep learning in a purely native SDN environment, where a Deep Learning intrusion detection module is tailored to a native SDN environment. In particular, we propose a hybrid Deep AutoEncoder with a Random Forest classifier model (DAERF) to enhance intrusion detection performance in a native SDN environment. The proposed model is incorporated into a novel adaptive framework for attack mitigation in SDN environments. The proposed framework consists of a three-layer protection mechanism for detecting and preventing attacks. It is based on entropy-based detection, hybrid machine learning in the control layer and proactive services monitoring in the application layer. Experimental results have shown that our DEARF proposed autoencoder model achieved anomaly detection rates in excess of 98% in stand-alone mode as well as when incorporated within the framework, making it highly solution for next generation SDN networks.
Metadata
Item Type: | Article |
---|---|
Authors/Creators: |
|
Copyright, Publisher and Additional Information: | © 2024 The Authors. Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/). |
Keywords: | Network security; Software defined networking; Machine learning; Intrusion detection; Autoencoder and random forest |
Dates: |
|
Institution: | The University of Leeds |
Academic Units: | The University of Leeds > Faculty of Engineering & Physical Sciences (Leeds) > School of Electronic & Electrical Engineering (Leeds) > Institute of Communication & Power Networks (Leeds) |
Depositing User: | Symplectic Publications |
Date Deposited: | 21 Mar 2024 12:06 |
Last Modified: | 21 Mar 2024 12:06 |
Status: | Published |
Publisher: | Elsevier |
Identification Number: | 10.1016/j.jnca.2024.103868 |
Open Archives Initiative ID (OAI ID): | oai:eprints.whiterose.ac.uk:210685 |