Electronics (Sep 2020)

DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking

  • Tuan Anh Tang,
  • Lotfi Mhamdi,
  • Des McLernon,
  • Syed Ali Raza Zaidi,
  • Mounir Ghogho,
  • Fadi El Moussa

DOI
https://doi.org/10.3390/electronics9091533
Journal volume & issue
Vol. 9, no. 9
p. 1533

Abstract

Read online

Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity to achieve network security in a more efficient and flexible manner. However, SDN also has original structural vulnerabilities, which are the centralized controller, the control-data interface and the control-application interface. These vulnerabilities can be exploited by intruders to conduct several types of attacks. In this paper, we propose a deep learning (DL) approach for a network intrusion detection system (DeepIDS) in the SDN architecture. Our models are trained and tested with the NSL-KDD dataset and achieved an accuracy of 80.7% and 90% for a Fully Connected Deep Neural Network (DNN) and a Gated Recurrent Neural Network (GRU-RNN), respectively. Through experiments, we confirm that the DL approach has the potential for flow-based anomaly detection in the SDN environment. We also evaluate the performance of our system in terms of throughput, latency, and resource utilization. Our test results show that DeepIDS does not affect the performance of the OpenFlow controller and so is a feasible approach.

Keywords