基于机器学习技术的SDN网络异常检测

Proceedings of the 7th International Conference on Information and Education Innovations Pub Date : 2022-04-14 DOI:10.1145/3535735.3535750

Juliana Arevalo Herrera, Jorge Eliécer Camargo Mendoza, J. I. M. Torre

{"title":"基于机器学习技术的SDN网络异常检测","authors":"Juliana Arevalo Herrera, Jorge Eliécer Camargo Mendoza, J. I. M. Torre","doi":"10.1145/3535735.3535750","DOIUrl":null,"url":null,"abstract":"Security is a concern for traditional networks and those based on new technology such as Software Defined Networks (SDN) and Internet of Things (IoT). Machine learning techniques are typical to automatically identify and classify attacks in the form of intrusion detection systems. This paper presents machine learning algorithms for attack classification over the CES CIC IDS2018 dataset. The analysis includes an evaluation of the performance of traditional Machine Learning (ML) techniques such as Decision Trees (DT), Random Forest (RF), and a Neural Network architecture in two different samples of the dataset: one with the all the features and another with selected features for SDN. The details of the dataset, as well as the used methodology and evaluation results, are presented in this paper. After a comparison between the different ML algorithms, the conclusion is that DT and RF are both highly accurate for classification (97% for all the features and 87% for the SDN features) and also require less processing.","PeriodicalId":435343,"journal":{"name":"Proceedings of the 7th International Conference on Information and Education Innovations","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-04-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Network anomaly detection with machine learning techniques for SDN networks\",\"authors\":\"Juliana Arevalo Herrera, Jorge Eliécer Camargo Mendoza, J. I. M. Torre\",\"doi\":\"10.1145/3535735.3535750\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security is a concern for traditional networks and those based on new technology such as Software Defined Networks (SDN) and Internet of Things (IoT). Machine learning techniques are typical to automatically identify and classify attacks in the form of intrusion detection systems. This paper presents machine learning algorithms for attack classification over the CES CIC IDS2018 dataset. The analysis includes an evaluation of the performance of traditional Machine Learning (ML) techniques such as Decision Trees (DT), Random Forest (RF), and a Neural Network architecture in two different samples of the dataset: one with the all the features and another with selected features for SDN. The details of the dataset, as well as the used methodology and evaluation results, are presented in this paper. After a comparison between the different ML algorithms, the conclusion is that DT and RF are both highly accurate for classification (97% for all the features and 87% for the SDN features) and also require less processing.\",\"PeriodicalId\":435343,\"journal\":{\"name\":\"Proceedings of the 7th International Conference on Information and Education Innovations\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-04-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 7th International Conference on Information and Education Innovations\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3535735.3535750\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 7th International Conference on Information and Education Innovations","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3535735.3535750","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

安全是传统网络和基于软件定义网络(SDN)和物联网(IoT)等新技术的网络所关注的问题。机器学习技术是典型的以入侵检测系统的形式自动识别和分类攻击。本文提出了在CES CIC IDS2018数据集上进行攻击分类的机器学习算法。分析包括在数据集的两个不同样本中评估传统机器学习(ML)技术的性能，如决策树(DT)，随机森林(RF)和神经网络架构:一个具有所有特征，另一个具有SDN的选定特征。本文介绍了数据集的详细信息，以及使用的方法和评估结果。在对不同的ML算法进行比较后，结论是DT和RF都具有很高的分类准确率(所有特征的准确率为97%，SDN特征的准确率为87%)，并且需要较少的处理。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Network anomaly detection with machine learning techniques for SDN networks

Security is a concern for traditional networks and those based on new technology such as Software Defined Networks (SDN) and Internet of Things (IoT). Machine learning techniques are typical to automatically identify and classify attacks in the form of intrusion detection systems. This paper presents machine learning algorithms for attack classification over the CES CIC IDS2018 dataset. The analysis includes an evaluation of the performance of traditional Machine Learning (ML) techniques such as Decision Trees (DT), Random Forest (RF), and a Neural Network architecture in two different samples of the dataset: one with the all the features and another with selected features for SDN. The details of the dataset, as well as the used methodology and evaluation results, are presented in this paper. After a comparison between the different ML algorithms, the conclusion is that DT and RF are both highly accurate for classification (97% for all the features and 87% for the SDN features) and also require less processing.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 7th International Conference on Information and Education Innovations

自引率

0.00%

发文量