On the Improvement of Machine Learning Based Intrusion Detection System for SDN Networks

Abstract

Software-Defined Networking (SDN) is seen as a next-generation paradigm promising to build a vendor-neutral networking environment. By decoupling control plane from data plane, SDN shifts network intelligent logic into a logically centralized controller, thereby helping address many thorny problems in conventional network architecture. Despite of offering immense benefits, SDN has shown to be vulnerable to cyber attacks; meanwhile, Machine Learning (ML) has come into being the most powerful weapon to deal with those of security issues. In this paper, we proposed an improved solution of ML-based network intrusion detection system for better protecting SDN from malicious activities. The proposed solution is formed from a combination of ML techniques including Deep Sparse Autoencoder for reducing dimension and learning meaningful feature representation in network data; Conditional Generative Adversarial Network for solving data imbalance problem in intrusion detection datasets; and Ensemble Learning methods for classifying anomaly network traffic. Moreover, we leverage NetFPGA, a high-speed networking platform, to accelerate the packet processing task for the proposed system. By evaluating on empirical datasets, we show that our proposed system is capable of fast classification network traffic with high detection accuracy rate and relatively low false negative/positive rate.