Classification of Network Traffic using Machine Learning for Software Defined Networks

  • Received : 2023.12.05
  • Published : 2023.12.30

Abstract

As SDN devices and systems hit the market, security in SDN must be raised on the agenda. SDN has become an interesting area in both academia and industry. It promises many benefits, which attract many IT managers and leading IT companies and motivate them to switch to SDN. Over the last three decades, network attacks have become more sophisticated and more complex to detect. The goal is to study how traffic information can be extracted from an SDN controller and open virtual switches (OVS) using SDN mechanisms. The testbed environment is created using the RYU controller and Mininet. The extracted information is then used to detect these attacks efficiently using a machine learning approach. A machine learning approach requires a dataset, and currently no public SDN-based dataset is available. In this paper, an SDN-based dataset is created that includes legitimate and non-legitimate traffic. Classification is divided into two categories: binary and multiclass classification. Traffic has been classified with and without dimension reduction techniques such as PCA and LDA. Our approach provides 98.58% accuracy using a random forest algorithm.

Keywords
