Designing Ensemble Deep Learning Intrusion Detection System for DDoS attacks in Software Defined Networks

Software Defined Networks (SDN) is gaining popularity in academia and the industry. This is due to SDNs ease of programmability, flexibility and centralized management. These networking features allow network administrators and programmers to easily monitor and control the entire network, at a limited cost. However, because of its centralized architecture, the controller becomes a single point of failure. This vulnerability makes it a target to cyber-attacks, but more specifically to Distributed Denial of Service (DDoS) attacks. The DDoS attack may target the SDN network controller in order to disrupt the entire network, causing network resources unavailable to legitimate users. Hence, in this work, we propose an ensemble Deep Learning (DL) Intrusion Detection System (IDS) to detect DDoS attack traffic in SDNs. Our proposed approach build an ensemble of Convolutional Neural Network (CNN), Deep Neural Network (DNN) and Recurrent Neural Network (RNN) model. To train the model, we use feature selection techniques from the literature and utilized the Canadian Institute for Cybersecurity Intrusion Detection System (CIC-IDS2017) as the evaluation dataset. The performance of the proposed model is compared with existing models, and from the results, it is observed that our proposed ensemble deep learning model performs better than ensemble CNN, ensemble RNN and ensemble voting.