JACIII Vol.23 No.3 pp. 396-401
doi: 10.20965/jaciii.2019.p0396


Deep Learning SDN Intrusion Detection Scheme Based on TW-Pooling

Qingyue Meng*, Shihui Zheng*, and Yongmei Cai**

*School of Cyberspace Security, Beijing University of Posts and Telecommunications
West TuCheng Road 10, Haidian, Beijing 100876, China

**School of Computer Science and Engineering, Xinjiang University of Finance and Economics
No.449 Beijing Middle Road, Urumqi, Xinjiang Uygur Autonomous Region 830026, China

June 6, 2018
July 24, 2018
May 20, 2019
Software Defined Network, control plane, attack detection

The numerical control separation in the Software-Defined Network (SDN) allows the control plane to have the absolute management rights of the network. As a new management plane of the SDN, once it is attacked, it will cause the entire network to face flaws. For this reason, this paper proposes a SDN control plane attack detection scheme based on deep learning, which can detect and respond to attacks on the SDN control plane in time. In this scenario, we propose a new pooling scheme that uses the TF-IDF idea to weight the characteristics of network traffic. Ultimately, our method achieved an accuracy of 99.8% in the SDN network’s traffic data set including 24 attack types.

Cite this article as:
Q. Meng, S. Zheng, and Y. Cai, “Deep Learning SDN Intrusion Detection Scheme Based on TW-Pooling,” J. Adv. Comput. Intell. Intell. Inform., Vol.23, No.3, pp. 396-401, 2019.
Data files:
  1. [1] I. Ahmad, S. Namal, M Ylianttila et al., “Security in Software Defined Networks: A Survey,” IEEE Communications Surveys & Tutorials, Vol.17, No.4, pp. 2317-2346, 2015.
  2. [2] J. M. Dover, “A denial of service attack against the Open Floodlight SDN controller,” Dover Networks, Tech. Rep., 2013.
  3. [3] T. V. Tran and H. Ahn, “Flowtracker: A SDN Stateful Firewall Solution with Adaptive Connection Tracking and Minimized Controller Processing,” Int. Conf. on Software Networking, IEEE, pp. 1-5, 2016.
  4. [4] N. N. Dao, J. Park, M. Park et al., “A feasible method to combat against DDoS attack in SDN network,” Int. Conf. on Information Networking, IEEE, pp. 309-311, 2015.
  5. [5] S. Padmaja and V. Vetriselvi, “Mitigation of switch-DoS in software defined network,” Int. Conf. on Information Communication and Embedded Systems, IEEE, 2016.
  6. [6] Hou, “Research on DoS Attack Detection Technology Based on SDN,” Beijing Jiaotong University, 2016.
  7. [7] L. Dridi and M. F. Zhani, “SDN-Guard: DoS Attacks Mitigation in SDN Networks,” IEEE Int. Conf. on Cloud Networking, IEEE, 2016.
  8. [8] T. Wang and H. Chen, “SGuard: A lightweight SDN safe-guard architecture for DoS attacks,” China Communications, Vol.14, No.6, pp. 113-125, 2017.
  9. [9] K. He, G. Gkioxari, P. Dollár et al., “Mask R-CNN,” arXiv:1703.06870, 2017.
  10. [10] Y. Huang, X. Sun, M. Lu et al., “Channel-Max, Channel-Drop and Stochastic Max-pooling,” 2015 IEEE Conf. on Computer Vision and Pattern Recognition Workshops (CVPRW), pp. 9-17, 2015.
  11. [11] M. Cai, Y. Shi, and J. Liu, “Stochastic pooling maxout networks for low-resource speech recognition,” 2014 IEEE Int. Conf. on Acoustics, Speech and Signal Processing (ICASSP), pp. 3266-3270, 2014.
  12. [12] Y. Li and B. Shen, “Research on sentiment analysis of microblogging based on LSA and TF-IDF,” IEEE Int. Conf. on Computer and Communications, IEEE, pp. 2584-2588, 2017.
  13. [13] N. Paulauskas and J. Auskalnis, “Analysis of data pre-processing influence on intrusion detection using NSL-KDD dataset,” Electrical, Electronic and Information Sciences, IEEE, pp. 1-5, 2017.
  14. [14] M. S. Pervez and D. M. Farid, “Feature selection and intrusion classification in NSL-KDD cup 99 dataset employing SVMs,” Int. Conf. on Software, Knowledge, Information Management and Applications, IEEE, pp. 1-6, 2015.
  15. [15] B. Ingre and A. Yadav, “Performance analysis of NSL-KDD dataset using ANN,” Int. Conf. on Signal Processing and Communication Engineering Systems, IEEE, pp. 92-96, 2015.
  16. [16] M. F. Azeem and A. Banakar, “Recurrent Sigmoid-Wavelet Neurons for Forecasting of Dynamic Systems,” IEEE Int. Conf. on Information Reuse and Integration, IEEE, pp. 556-562, 2007.
  17. [17] A. Krizhevsky, I. Sutskever, and G. E. Hinton, “ImageNet classification with deep convolutional neural networks,” Int. Conf. on Neural Information Processing Systems, Curran Associates Inc., pp. 1097-1105, 2012.

*This site is desgined based on HTML5 and CSS3 for modern browsers, e.g. Chrome, Firefox, Safari, Edge, IE9,10,11, Opera.

Last updated on Sep. 19, 2019