Securing SDON with hybrid evolutionary intrusion detection system: An ensemble algorithm for feature selection and classification

IF 2.6 3区计算机科学 Q2 ENGINEERING, ELECTRICAL & ELECTRONIC

Optical Fiber Technology Pub Date : 2025-03-20 DOI:10.1016/j.yofte.2025.104206

Benitha Christinal J. , Ameelia Roseline A.

{"title":"Securing SDON with hybrid evolutionary intrusion detection system: An ensemble algorithm for feature selection and classification","authors":"Benitha Christinal J. , Ameelia Roseline A.","doi":"10.1016/j.yofte.2025.104206","DOIUrl":null,"url":null,"abstract":"<div><div>Software-Defined Optical Network (SDON) is a modernized approach to manage optical networks by integrating the principles of Software-Defined Networking (SDN). This integration allows for enhanced programmability, flexibility, and automation in network operations, addressing the growing demand for efficient and adaptable network infrastructures. SDON is powered by a centralized controller, where the entirety of network intelligence is integrated into the control plane. However, this centralization introduces significant challenges related to data privacy and network security. To address these security issues, this paper proposes an adaptive IDS-SDON-EFSC (Intrusion Detection System for Software-Defined Optical Network with Ensemble Feature Selection and Classification) framework. In the proposed framework, during the initial phase, the gathered data is pre-processed to remove noise, and Adaptive Synthetic (ADASYN) sampling is implemented to balance imbalanced datasets. Overfitting is mitigated using Root Mean Square Deviation (RMSD) regularization, which reduces the loss between training and test data. In the second phase, the Deep Convolutional Neural Network Attention-based Bi-directional Long Short-Term Memory (DCNN-AttBiLSTM) system is employed for classification. The hybrid metaheuristic-Adam optimizer is used to optimize hyperparameter selection. Experiments demonstrate the efficacy of the IDS-SDON-EFSC model, which was trained and evaluated on the most current and practical datasets in the SDON domain: InSDN, SDN-IoT, and SDNFlow. The model achieved excellent performance, discerning various forms of intrusion with 100% accuracy on training data and 99.71% accuracy on test data. Additionally, it achieved a minimal latency rate of 1.6%, reduced controller overhead, and a minimal degradation rate of 2.1% leading to improved throughput performance when executed in real-time networks.</div></div>","PeriodicalId":19663,"journal":{"name":"Optical Fiber Technology","volume":"93 ","pages":"Article 104206"},"PeriodicalIF":2.6000,"publicationDate":"2025-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Optical Fiber Technology","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1068520025000811","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

Software-Defined Optical Network (SDON) is a modernized approach to manage optical networks by integrating the principles of Software-Defined Networking (SDN). This integration allows for enhanced programmability, flexibility, and automation in network operations, addressing the growing demand for efficient and adaptable network infrastructures. SDON is powered by a centralized controller, where the entirety of network intelligence is integrated into the control plane. However, this centralization introduces significant challenges related to data privacy and network security. To address these security issues, this paper proposes an adaptive IDS-SDON-EFSC (Intrusion Detection System for Software-Defined Optical Network with Ensemble Feature Selection and Classification) framework. In the proposed framework, during the initial phase, the gathered data is pre-processed to remove noise, and Adaptive Synthetic (ADASYN) sampling is implemented to balance imbalanced datasets. Overfitting is mitigated using Root Mean Square Deviation (RMSD) regularization, which reduces the loss between training and test data. In the second phase, the Deep Convolutional Neural Network Attention-based Bi-directional Long Short-Term Memory (DCNN-AttBiLSTM) system is employed for classification. The hybrid metaheuristic-Adam optimizer is used to optimize hyperparameter selection. Experiments demonstrate the efficacy of the IDS-SDON-EFSC model, which was trained and evaluated on the most current and practical datasets in the SDON domain: InSDN, SDN-IoT, and SDNFlow. The model achieved excellent performance, discerning various forms of intrusion with 100% accuracy on training data and 99.71% accuracy on test data. Additionally, it achieved a minimal latency rate of 1.6%, reduced controller overhead, and a minimal degradation rate of 2.1% leading to improved throughput performance when executed in real-time networks.

查看原文本刊更多论文

基于混合进化入侵检测系统的SDON安全：一种特征选择与分类的集成算法

软件定义光网络（SDON）是融合了软件定义网络（SDN）原理的一种现代化的光网络管理方法。这种集成允许在网络操作中增强可编程性、灵活性和自动化，满足对高效和适应性网络基础设施日益增长的需求。SDON由一个集中式控制器供电，整个网络智能集成到控制平面。然而，这种集中化带来了与数据隐私和网络安全相关的重大挑战。为了解决这些安全问题，本文提出了一种自适应ids - sdn - efsc（集成特征选择与分类的软件定义光网络入侵检测系统）框架。在该框架中，在初始阶段，对收集到的数据进行预处理以去除噪声，并实施自适应合成（ADASYN）采样以平衡不平衡数据集。使用均方根偏差（RMSD）正则化减轻了过拟合，减少了训练数据和测试数据之间的损失。第二阶段，采用基于深度卷积神经网络注意的双向长短期记忆（DCNN-AttBiLSTM）系统进行分类。采用混合元启发式- adam优化器对超参数选择进行优化。实验证明了ids - sdn - efsc模型的有效性，该模型在SDON领域最新和最实用的数据集（InSDN、SDN-IoT和SDNFlow）上进行了训练和评估。该模型取得了优异的性能，在训练数据上识别各种形式的入侵的准确率为100%，在测试数据上的准确率为99.71%。此外，它实现了1.6%的最小延迟率，降低了控制器开销，最小退化率为2.1%，从而在实时网络中执行时提高了吞吐量性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Optical Fiber Technology 工程技术-电信学

CiteScore

4.80

自引率

11.10%

发文量

327

审稿时长

63 days

期刊介绍： Innovations in optical fiber technology are revolutionizing world communications. Newly developed fiber amplifiers allow for direct transmission of high-speed signals over transcontinental distances without the need for electronic regeneration. Optical fibers find new applications in data processing. The impact of fiber materials, devices, and systems on communications in the coming decades will create an abundance of primary literature and the need for up-to-date reviews. Optical Fiber Technology: Materials, Devices, and Systems is a new cutting-edge journal designed to fill a need in this rapidly evolving field for speedy publication of regular length papers. Both theoretical and experimental papers on fiber materials, devices, and system performance evaluation and measurements are eligible, with emphasis on practical applications.