Effects of Machine Learning Approach in Flow-Based Anomaly Detection on Software-Defined Networking

Dey, Samrat Kumar; Rahman, Md. Mahbubur

doi:10.3390/sym12010007

Cited by 50 publications

(26 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Even though binary and multi-class classification were done in this study, the studies compared according to multi-class accuracies, since not all studies were contained both classifications. [34] MCD-KDE 91.71 Ieracitano et al [35] AE50 87 Garg et al [36] SVM 87.56 Dong et al [37] MCA-LSTM 82.15 Dey et al [38] GRU-LSTM 87.91 Li et al [39] GINI-GBDT-PSO 86.10 Wu et al [40] CNN 79.48 Le et al [41] LSTM 92 Gogoi et al [42] TUIDS 96.55 Tang et al [43] DNN 91.7 Yin et al [44] RNN 83.28 Tang et al [45] RNN 89 Proposed Technique V-IDS 97.52…”

Section: Binary Training Resultsmentioning

confidence: 99%

A novel approach for intrusion detection systems: V-IDS

Ince¹

2021

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

Intrusion Detection System (IDS) is a security mechanism that detects abnormal activities in a network. An ideal IDS must detect intrusion attempts and maybe categorize for further researches and keep false positive analysis at a very low level. IDSs are used in the analysis of network traffic data at all sizes. Studies on this subject focused on machine learning (ML) techniques, even though the performance rates are high, it is seen that processes such as data understanding, preprocessing and consistency tests are time consuming and laborious. For this reason, the use of deep learning (DL) models that automatically perform the mentioned steps has become very popular. In this study, a high-performance approach that can be applied in real time system is proposed which is named V-IDS (Visual IDS). NSL-KDD data set which is one of the large-scale datasets, is used. Data visualization (DV) techniques were applied in order to determine geometric relationships between records and the data were classified by using DL model. The model achieved 98 percentage accuracy in total and even higher in some intrusion categories.

show abstract

Section: Binary Training Resultsmentioning

confidence: 99%

A novel approach for intrusion detection systems: V-IDS

Ince¹

2021

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

show abstract

“…Second, DL‐based attack detection was made based on gated recurrent unit‐LSTM. When the results obtained in both cases were compared, it was emphasised that DL is a better option for intrusion recognition [18].…”

Section: Related Workmentioning

confidence: 99%

Deep network approach with stacked sparse autoencoders in detection of DDoS attacks on SDN‐based VANET

2020

View full text Add to dashboard Cite

Software-defined network (SDN)-based vehicular ad hoc network (VANET) is an outstanding technology for smart transportation as it increases traffic safety, efficiency, comfort, and manageability. However, despite all its benefits and good performance, SDN-based VANET is vulnerable to attack threats such as distributed denial of service (DDoS). When SDN-based VANET systems are exposed to DDoS attacks, this may affect traffic safety, causing traffic accidents and deaths. Therefore, the relevant security threats need to be addressed before integrating the SDN-based VANETs into smart transportation systems. In this study, the stacked sparse autoencoder (SSAE) + Softmax classifier deep network model is proposed to detect DDoS attacks targeting SDN-based VANETs. The features in the dataset obtained from the SDN-based VANET were reduced dimensionally utilising SSAE, and the most significant features were obtained. Then, these features were used as input into the Softmax classifier. According to the experimental results, the best accuracy scores were calculated as 96.9% using the four-layer SSAE + Softmax classifier deep network model proposed. When compared, the results demonstrate the SSAE + Softmax classifier deep network model proposed can obtain better results in the classification of DDoS attacks and is more successful than the other machine learning classifiers.

show abstract

“…Machine learning methods first select features, and then use classifiers to detect intrusions, such as random forest (RF) [4], decision tree (DT) [5], and support vector machine (SVM) [6]. Deep learning methods can automatically extract features and classify to realize intrusion detection, such as autoencoders [7], long short term memory (LSTM) [8], and deep neural networks (DNN) [9]. The ensemble learning method uses various ensemble and hybrid technologies for intrusion detection, including bagging [10], boosting [11], stacking [12], and combined classifier methods [13].…”

Section: Introductionmentioning

confidence: 99%

SAAE-DNN: Deep Learning Method on Intrusion Detection

2020

View full text Add to dashboard Cite

Intrusion detection system (IDS) plays a significant role in preventing network attacks and plays a vital role in the field of national security. At present, the existing intrusion detection methods are generally based on traditional machine learning models, such as random forest and decision tree, but they rely heavily on artificial feature extraction and have relatively low accuracy. To solve the problems of feature extraction and low detection accuracy in intrusion detection, an intrusion detection model SAAE-DNN, based on stacked autoencoder (SAE), attention mechanism and deep neural network (DNN), is proposed. The SAE represents data with a latent layer, and the attention mechanism enables the network to obtain the key features of intrusion detection. The trained SAAE encoder can not only automatically extract features, but also initialize the weights of DNN potential layers to improve the detection accuracy of DNN. We evaluate the performance of SAAE-DNN in binary-classification and multi-classification on an NSL-KDD dataset. The SAAE-DNN model can detect normally and attack symmetrically, with an accuracy of 87.74% and 82.14% (binary-classification and multi-classification), which is higher than that of machine learning methods such as random forest and decision tree. The experimental results show that the model has a better performance than other comparison methods.

show abstract

Effects of Machine Learning Approach in Flow-Based Anomaly Detection on Software-Defined Networking

Cited by 50 publications

References 37 publications

A novel approach for intrusion detection systems: V-IDS

A novel approach for intrusion detection systems: V-IDS

Deep network approach with stacked sparse autoencoders in detection of DDoS attacks on SDN‐based VANET

SAAE-DNN: Deep Learning Method on Intrusion Detection

Contact Info

Product

Resources

About