SDN traffic anomaly detection method based on convolutional autoencoder and federated learning

Abstract

With the rapid development of the Internet, people pay more and more attention to network security and data privacy. Using the characteristics of SDN data and control separation, it is easy to embed a traffic detection model in edge devices to achieve abnormal traffic detection. However, although the traditional intrusion detection model can provide good recognition accuracy, it requires many labeled samples for model training. Not only is it challenging to obtain labeled samples, but it also brings privacy issues. This paper combines federated learning and anomaly-based CAE model in the SDN network and realizes intrusion detection on encrypted traffic under the premise of effectively protecting data privacy and reducing the workload of data labeling. Furthermore, we design an aggregation model selection algorithm based on loss and data volume evaluation, which reduces the overall training time of the federation and improves the model's accuracy.