Deep Learning Enabled Intrusion Detection and Prevention System over SDN Networks
Title | Deep Learning Enabled Intrusion Detection and Prevention System over SDN Networks |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Lee, T., Chang, L., Syu, C. |
Conference Name | 2020 IEEE International Conference on Communications Workshops (ICC Workshops) |
Date Published | June 2020 |
Publisher | IEEE |
ISBN Number | 978-1-7281-7440-2 |
Keywords | anomalous packets, brute force attacks, centralized management approach, Computer crime, computer network security, convolutional neural nets, convolutional neural network, data planes, DDoS Attack, DDoS Attacks, Deep Learning, deep learning models, denial-of-service attacks, DL-IDPS, Force, Human Behavior, human factors, Intrusion detection, learning (artificial intelligence), Long short-term memory, LSTM, machine learning, malicious packets, MLP, Multilayer Perceptron, multilayer perceptrons, network configuration, packet length, Payloads, policy-based governance, prevention system, pubcrawl, SAE, SDN networks, SDN switch, secure shell brute-force attacks, Software Defined Network, software defined networking, Software Defined Networks, SSH Brute-force, SSH brute-force attack, stacked auto-encoder, Switches |
Abstract | The Software Defined Network (SDN) provides higher programmable functionality for network configuration and management dynamically. Moreover, SDN introduces a centralized management approach by dividing the network into control and data planes. In this paper, we introduce a deep learning enabled intrusion detection and prevention system (DL-IDPS) to prevent secure shell (SSH) brute-force attacks and distributed denial-of-service (DDoS) attacks in SDN. The packet length in SDN switch has been collected as a sequence for deep learning models to identify anomalous and malicious packets. Four deep learning models, including Multilayer Perceptron (MLP), Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM) and Stacked Auto-encoder (SAE), are implemented and compared for the proposed DL-IDPS. The experimental results show that the proposed MLP based DL-IDPS has the highest accuracy which can achieve nearly 99% and 100% accuracy to prevent SSH Brute-force and DDoS attacks, respectively. |
URL | https://ieeexplore.ieee.org/document/9145085 |
DOI | 10.1109/ICCWorkshops49005.2020.9145085 |
Citation Key | lee_deep_2020 |
- SAE
- malicious packets
- MLP
- Multilayer Perceptron
- multilayer perceptrons
- network configuration
- packet length
- Payloads
- policy-based governance
- prevention system
- pubcrawl
- machine learning
- SDN networks
- SDN switch
- secure shell brute-force attacks
- Software Defined Network
- software defined networking
- Software Defined Networks
- SSH Brute-force
- SSH brute-force attack
- stacked auto-encoder
- Switches
- deep learning models
- brute force attacks
- centralized management approach
- Computer crime
- computer network security
- convolutional neural nets
- convolutional neural network
- data planes
- DDoS Attack
- DDoS Attacks
- deep learning
- anomalous packets
- denial-of-service attacks
- DL-IDPS
- Force
- Human behavior
- Human Factors
- Intrusion Detection
- learning (artificial intelligence)
- Long short-term memory
- LSTM