An SDN controller-based framework for anomaly detection using a GAN ensemble algorithm

Abstract

Of recent, a handful of machine learning techniques have been proposed to handle the task of intrusion detection with algorithms taking charge; these algorithms learn, from traffic flow examples, to distinguish between benign and anomalous network events. In this paper, we explore the use of a Generative Adversarial Network (GAN) ensemble to detect anomalies in a Software-Defined Networking (SDN) environment using the Global Environment for Network Innovations (GENI) testbed over geographically separated instances. A controllerbased framework is proposed, comprising several components across the detection chain. A bespoke dataset is generated, addressing three of the most popular contemporary network attacks and using an SDN perspective. Evaluation results show great potential for detecting a wide array of anomalies.