Native SDN Intrusion Detection using Machine Learning

Security has been and still is a major challenge for communication networks. Recent advances in networking, notably the emerging of Software Defined Networks (SDN) has brought about major potential in providing highly secure communication networks. SDN decouples the data and control planes, while maintaining a centralised and global view of the whole network. This has resulted in feasible proactive, robust and secure networks. In particular, coupling SDN capabilities with intelligent traffic analysis using Machine Learning and/or Deep Learning has recently attracted major research efforts. However, most efforts have been just a simple mapping of earlier solutions into the SDN environment. This paper addresses the problem of SDN security based on deep learning in a purely native SDN environment, where a Deep Learning intrusion detection module is tailored to the SDN environment with the least overhead. In particular, we propose a hybrid unsupervised machine learning approach based on auto-encoding for intrusion detection in SDNs. The experimental results show that the proposed module can achieve high accuracy with a minimum number of selected flow features. The performance of the controller with the deployed model is tested for throughput and latency. The results shows a minimum overhead on the SDN controller performance, while yielding a very high detection accuracy.