On a Hybrid BiLSTM-GCNN-Based Approach for Attack Detection in SDN

Document Type

Conference Proceeding

Publication Date

1-1-2023

Abstract

Software-Defined Networking (SDN) is a promising technology for the future Internet. However, the SDN paradigm opens the door to new attack vectors that do not exist in traditional networks, such as flow table overflow attacks and flow rule injection attacks, which traditional intrusion detection systems are no longer sufficient to identify. To address this problem, we propose a new method that uses deep learning for attack detection in an SDN environment. In this method, we first utilize fisher score to remove insignificant features, then design a network model combining bi-directional long short-term memory network (BiLSTM) and gated convolutional neural network (GCNN) to capture the spatio-temporal features of network traffic, and finally use a fully connected layer to perform seven classifications of data. We choose focal loss as the loss function due to the imbalance of samples. The proposed model is evaluated based on the InSDN dataset, which is the latest IDS dataset developed specifically for SDN environments, and the CIC-IDS2017 dataset. The results show that the proposed model improves the performance for anomaly detection and achieves an accuracy of 99.80% and 98.85% on the InSDN and CIC-IDS2017 datasets, respectively. This level of detection accuracy provides great confidence in protecting SDN networks from anomalous traffic.

Identifier

85189855489 (Scopus)

ISBN

[9798350330014]

Publication Title

Proceedings 2023 IEEE International Conference on High Performance Computing and Communications Data Science and Systems Smart City and Dependability in Sensor Cloud and Big Data Systems and Application Hpcc Dss Smartcity Dependsys 2023

External Full Text Location

https://doi.org/10.1109/HPCC-DSS-SmartCity-DependSys60770.2023.00040

First Page

233

Last Page

240

This document is currently not available here.

Share

COinS