Flow Based Anomaly Detection in Software Defined Networking: A Deep Learning Approach With Feature Selection Method

Abstract

Software Defined Networking (SDN) has come to prominence in recent years and demonstrates an enormous potential in shaping the future of networking by separating control plane from data plane. OpenFlow is the first and most widely used protocol that makes this separation possible in the first place. As a newly emerged technology, SDN has its inherent security threats that can be eliminated or at least mitigated by securing the OpenFlow controller that manages flow control in SDN. A flow based anomaly detection method in OpenFlow controller using Deep Neural Network (DNN) have been approached in this research. Hence, in this exploration, we propose a combined Gated Recurrent Unit Long Short Term Memory (GRU-LSTM) Network intrusion detection system. In order to improve the classifier performance, an appropriate ANOVA F-Test and Recursive feature Elimination (RFE) (ANOVA F-RFE) feature selection method also have been applied. The proposed approach is tested using the benchmark dataset NSL-KDD. A subset of complete dataset with convenient feature selection ensures the highest accuracy of 87% with GRU-LSTM Model. Experimental results show that deep-learning approach with feature selection method offers high potential for flow-based anomaly detection in OpenFlow controller.