Stacked Autoencoder Based Neural Network for Identifying Malicious Traffic in SDN
Keywords:
software-defined networking (SDN), stacked autoencoder based Convolutional Neural Network (SA-CNN), malicious, Term Frequency and Inverted Document Frequency (TF-IDF), ), deep packet inspection (DPI)Abstract
Deep packet inspection (DPI) has drawn a lot of interest in software-defined networking (SDN) because sophisticated assaults might smuggle harmful payloads into packets. Third-party proprietary pattern-based or port-based DPI solutions may struggle to handle a large amount of data flow effectively. In order to provide adaptive and effective packet assessment, a unique stacked autoencoder based Convolutional Neural Network (SA-CNN) approach is described in this research. The first step in SA-CNN's early detection prescription is to scan each new flow's IP address through SA-CNN. Following that, SA-CNN enables profound packet assessment at the packet-level granularity: (i) for unencrypted packets, stacked autoencoder extract the features of reachable payloads, together with tri-gram incidence based on Term Frequency and Inverted Document Frequency (TF-IDF) and linguistic properties. These qualities are combined into a sparse matrix representation rather than matching with particular pattern combinations in order to train a CNN classifier. The SA-CNN presents an adaptive packet sampling window that utilizes linear prediction to balance the degree of detection precision as well as the bottleneck of the SDN controller; and (ii) for encrypted packets, the SA-CNN extracts salient features from packets and then trains a CNN classified with a another methods, slightly than decrypting the encrypted traffic to compromise user solitude. On the Mininet platform and Ryu SDN controller, an SA-CNN prototype is put into operation. Through experiments, the presentation and overhead of the suggested explanation are evaluated with datasets from the actual world. The arithmetical outcomes show that SA-CNN can significantly increase detection accuracy while maintaining reasonable overheads.
Downloads
References
Elsayed, M. S., Le-Khac, N. A., Dev, S., & Jurcut, A. D. (2020, August). Ddosnet: A deep-learning model for detecting network attacks. In 2020 IEEE 21st International Symposium on" A World of Wireless, Mobile and Multimedia Networks"(WoWMoM) (pp. 391-396). IEEE.
Chang, L. H., Lee, T. H., Chu, H. C., & Su, C. W. (2020). Application-based online traffic classification with deep learning models on sdn networks. Adv. Technol. Innov, 5(4), 216-229.
Fouladi, R. F., Ermiş, O., & Anarim, E. (2022). A DDoS attack detection and countermeasure scheme based on DWT and auto-encoder neural network for SDN. Computer Networks, 214, 109140.
Ujjan, R. M. A., Pervez, Z., Dahal, K., Khan, W. A., Khattak, A. M., & Hayat, B. (2021). Entropy based features distribution for anti-ddos model in sdn. Sustainability, 13(3), 1522.
Lee, T. H., Chang, L. H., & Syu, C. W. (2020, June). Deep learning enabled intrusion detection and prevention system over SDN networks. In 2020 IEEE International Conference on Communications Workshops (ICC Workshops) (pp. 1-6). IEEE.
Ahuja, N., Singal, G., & Mukhopadhyay, D. (2021, January). DLSDN: Deep learning for DDOS attack detection in software defined networking. In 2021 11th International Conference on Cloud Computing, Data Science & Engineering (Confluence) (pp. 683-688). IEEE.
Yaser, A. L., Mousa, H. M., & Hussein, M. (2022). Improved DDoS Detection Utilizing Deep Neural Networks and Feedforward Neural Networks as Autoencoder. Future Internet, 14(8), 240.
Garg, S., Kaur, K., Kumar, N., & Rodrigues, J. J. (2019). Hybrid deep-learning-based anomaly detection scheme for suspicious flow detection in SDN: A social multimedia perspective. IEEE Transactions on Multimedia, 21(3), 566-578.
Ujjan, R. M. A., Pervez, Z., Dahal, K., Bashir, A. K., Mumtaz, R., & González, J. (2020). Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN. Future Generation Computer Systems, 111, 763-779.
Sindian, S., & Samer, S. (2020). An enhanced deep autoencoder-based approach for DDoS attack detection. Wseas Trans. Syst. Control, 15, 716-725.
Qin, Y., Wei, J., & Yang, W. (2019, September). Deep learning based anomaly detection scheme in software-defined networking. In 2019 20th Asia-Pacific Network Operations and Management Symposium (APNOMS) (pp. 1-4). IEEE.
Yang, L., Song, Y., Gao, S., Xiao, B., & Hu, A. (2020, December). Griffin: an ensemble of autoencoders for anomaly traffic detection in SDN. In GLOBECOM 2020-2020 IEEE Global Communications Conference (pp. 1-6). IEEE.
Novaes, M. P., Carvalho, L. F., Lloret, J., & Proença Jr, M. L. (2021). Adversarial Deep Learning approach detection and defense against DDoS attacks in SDN environments. Future Generation Computer Systems, 125, 156-167.
Hashemi, M. J., & Keller, E. (2020, November). Enhancing robustness against adversarial examples in network intrusion detection systems. In 2020 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN) (pp. 37-43). IEEE.
Alzahrani, A. O., & Alenazi, M. J. (2021). Designing a network intrusion detection system based on machine learning for software defined networks. Future Internet, 13(5), 111.
Al-jammaz, R. A. ., Rawash, U. A. ., Kashef , N. M. ., & Ibrahim, E. M. . (2023). A Framework for Providing Augmented Reality as a Service Provided by Cloud Computing for E-Learning. International Journal on Recent and Innovation Trends in Computing and Communication, 11(2s), 20–31. https://doi.org/10.17762/ijritcc.v11i2s.6025
Morzelona, R. (2021). Human Visual System Quality Assessment in The Images Using the IQA Model Integrated with Automated Machine Learning Model . Machine Learning Applications in Engineering Education and Management, 1(1), 13–18. Retrieved from http://yashikajournals.com/index.php/mlaeem/article/view/5
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.