Deep-discovery: Anomaly discovery in software-defined networks using artificial neural networks

Neena Susan Shaji; Tanushree Jain; Raja Muthalagu; Pranav Mothabhau Pawar

doi:10.1016/j.cose.2023.103320

Deep-discovery: Anomaly discovery in software-defined networks using artificial neural networks

Neena Susan Shaji, Tanushree Jain, Raja Muthalagu, Pranav Mothabhau Pawar

Birla Institute of Technology and Science Pilani

Research output: Contribution to journal › Article › peer-review

12 Scopus citations

Abstract

This paper proposes Deep-Discovery, an Intrusion Detection System (IDS), to perform Anomaly Discovery in Software-Defined Networking (SDN) using Artificial Neural Network (ANN). The proposed IDS framework utilizes the Multi-Layer Perceptron (MLP), a Feedforward (FF) ANN, to detect volume-based and protocol-based Distributed Denial of Service (DDoS) attacks on the data plane of SDN. The proposed model considers the attack detection a multi-class classification problem and classifies the network traffic into six attack classes with an accuracy of 98.81% and a minimal False Alarm Rate (FAR) of 0.002. The proposed classification model addresses the binary classification problem to compare and analyze the classification performance metrics. The Deep-Discovery that deals with the binary classification problem categorizes the network traffic into anomalous and normal traffic with 99.79% accuracy and a nominal FAR of 0.0001. The novelty of this work is its emphasis on obtaining the optimal performance metrics with a simple neural network with minimal computational overhead rather than an intricate and complex model.

Original language	English
Article number	103320
Journal	Computers and Security
Volume	132
DOIs	https://doi.org/10.1016/j.cose.2023.103320
State	Published - Sep 2023
Externally published	Yes

Bibliographical note

Publisher Copyright:
© 2023 Elsevier Ltd

Funding

Pranav M. Pawar is currently working as an Assistant Professor in Birla Institute of Technology and Science Pilani, Dubai, UAE. He was a postdoctoral fellow at Bar-Ilan University, Israel from March 2019 to October 2020 in the area of Wireless Communication and Deep Leaning. He is the recipient of an out-standing postdoctoral fellowship from the Israel Planning and Budgeting Committee. His research interests are Energy efficient MAC for WSN, QoS in WSN, wireless security, green technology, computer architecture, database management system, and bioinformatics.

Keywords

Artificial neural network (ANN)
Attack detection
Classification algorithms
Deep learning (DL)
Distributed denial of service (DDoS) attacks
Security threats
Software-defined networking (SDN)

Access to Document

10.1016/j.cose.2023.103320

Cite this

@article{23769ae4a82e4e37accf5800c431c458,

title = "Deep-discovery: Anomaly discovery in software-defined networks using artificial neural networks",

abstract = "This paper proposes Deep-Discovery, an Intrusion Detection System (IDS), to perform Anomaly Discovery in Software-Defined Networking (SDN) using Artificial Neural Network (ANN). The proposed IDS framework utilizes the Multi-Layer Perceptron (MLP), a Feedforward (FF) ANN, to detect volume-based and protocol-based Distributed Denial of Service (DDoS) attacks on the data plane of SDN. The proposed model considers the attack detection a multi-class classification problem and classifies the network traffic into six attack classes with an accuracy of 98.81% and a minimal False Alarm Rate (FAR) of 0.002. The proposed classification model addresses the binary classification problem to compare and analyze the classification performance metrics. The Deep-Discovery that deals with the binary classification problem categorizes the network traffic into anomalous and normal traffic with 99.79% accuracy and a nominal FAR of 0.0001. The novelty of this work is its emphasis on obtaining the optimal performance metrics with a simple neural network with minimal computational overhead rather than an intricate and complex model.",

keywords = "Artificial neural network (ANN), Attack detection, Classification algorithms, Deep learning (DL), Distributed denial of service (DDoS) attacks, Security threats, Software-defined networking (SDN)",

author = "Shaji, {Neena Susan} and Tanushree Jain and Raja Muthalagu and Pawar, {Pranav Mothabhau}",

note = "Publisher Copyright: {\textcopyright} 2023 Elsevier Ltd",

year = "2023",

month = sep,

doi = "10.1016/j.cose.2023.103320",

language = "אנגלית",

volume = "132",

journal = "Computers and Security",

issn = "0167-4048",

publisher = "Elsevier Ltd.",

}

TY - JOUR

T1 - Deep-discovery

T2 - Anomaly discovery in software-defined networks using artificial neural networks

AU - Shaji, Neena Susan

AU - Jain, Tanushree

AU - Muthalagu, Raja

AU - Pawar, Pranav Mothabhau

PY - 2023/9

Y1 - 2023/9

N2 - This paper proposes Deep-Discovery, an Intrusion Detection System (IDS), to perform Anomaly Discovery in Software-Defined Networking (SDN) using Artificial Neural Network (ANN). The proposed IDS framework utilizes the Multi-Layer Perceptron (MLP), a Feedforward (FF) ANN, to detect volume-based and protocol-based Distributed Denial of Service (DDoS) attacks on the data plane of SDN. The proposed model considers the attack detection a multi-class classification problem and classifies the network traffic into six attack classes with an accuracy of 98.81% and a minimal False Alarm Rate (FAR) of 0.002. The proposed classification model addresses the binary classification problem to compare and analyze the classification performance metrics. The Deep-Discovery that deals with the binary classification problem categorizes the network traffic into anomalous and normal traffic with 99.79% accuracy and a nominal FAR of 0.0001. The novelty of this work is its emphasis on obtaining the optimal performance metrics with a simple neural network with minimal computational overhead rather than an intricate and complex model.

AB - This paper proposes Deep-Discovery, an Intrusion Detection System (IDS), to perform Anomaly Discovery in Software-Defined Networking (SDN) using Artificial Neural Network (ANN). The proposed IDS framework utilizes the Multi-Layer Perceptron (MLP), a Feedforward (FF) ANN, to detect volume-based and protocol-based Distributed Denial of Service (DDoS) attacks on the data plane of SDN. The proposed model considers the attack detection a multi-class classification problem and classifies the network traffic into six attack classes with an accuracy of 98.81% and a minimal False Alarm Rate (FAR) of 0.002. The proposed classification model addresses the binary classification problem to compare and analyze the classification performance metrics. The Deep-Discovery that deals with the binary classification problem categorizes the network traffic into anomalous and normal traffic with 99.79% accuracy and a nominal FAR of 0.0001. The novelty of this work is its emphasis on obtaining the optimal performance metrics with a simple neural network with minimal computational overhead rather than an intricate and complex model.

KW - Artificial neural network (ANN)

KW - Attack detection

KW - Classification algorithms

KW - Deep learning (DL)

KW - Distributed denial of service (DDoS) attacks

KW - Security threats

KW - Software-defined networking (SDN)

UR - http://www.scopus.com/inward/record.url?scp=85163135007&partnerID=8YFLogxK

U2 - 10.1016/j.cose.2023.103320

DO - 10.1016/j.cose.2023.103320

M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???

AN - SCOPUS:85163135007

SN - 0167-4048

VL - 132

JO - Computers and Security

JF - Computers and Security

M1 - 103320

ER -

Deep-discovery: Anomaly discovery in software-defined networks using artificial neural networks

Abstract

Bibliographical note

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this