Visible to the public Deep Learning Enabled Intrusion Detection and Prevention System over SDN Networks

TitleDeep Learning Enabled Intrusion Detection and Prevention System over SDN Networks
Publication TypeConference Paper
Year of Publication2020
AuthorsLee, T., Chang, L., Syu, C.
Conference Name2020 IEEE International Conference on Communications Workshops (ICC Workshops)
Date PublishedJune 2020
PublisherIEEE
ISBN Number978-1-7281-7440-2
Keywordsanomalous packets, brute force attacks, centralized management approach, Computer crime, computer network security, convolutional neural nets, convolutional neural network, data planes, DDoS Attack, DDoS Attacks, Deep Learning, deep learning models, denial-of-service attacks, DL-IDPS, Force, Human Behavior, human factors, Intrusion detection, learning (artificial intelligence), Long short-term memory, LSTM, machine learning, malicious packets, MLP, Multilayer Perceptron, multilayer perceptrons, network configuration, packet length, Payloads, policy-based governance, prevention system, pubcrawl, SAE, SDN networks, SDN switch, secure shell brute-force attacks, Software Defined Network, software defined networking, Software Defined Networks, SSH Brute-force, SSH brute-force attack, stacked auto-encoder, Switches
Abstract

The Software Defined Network (SDN) provides higher programmable functionality for network configuration and management dynamically. Moreover, SDN introduces a centralized management approach by dividing the network into control and data planes. In this paper, we introduce a deep learning enabled intrusion detection and prevention system (DL-IDPS) to prevent secure shell (SSH) brute-force attacks and distributed denial-of-service (DDoS) attacks in SDN. The packet length in SDN switch has been collected as a sequence for deep learning models to identify anomalous and malicious packets. Four deep learning models, including Multilayer Perceptron (MLP), Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM) and Stacked Auto-encoder (SAE), are implemented and compared for the proposed DL-IDPS. The experimental results show that the proposed MLP based DL-IDPS has the highest accuracy which can achieve nearly 99% and 100% accuracy to prevent SSH Brute-force and DDoS attacks, respectively.

URLhttps://ieeexplore.ieee.org/document/9145085
DOI10.1109/ICCWorkshops49005.2020.9145085
Citation Keylee_deep_2020