Overhead Reduction Technique for Software-Defined Network based Intrusion Detection Systems

Ahmed Janabi*, Triantafyllos Kanakis, Mark Johnson

*Corresponding author for this work

Research output: Contribution to JournalArticlepeer-review

Abstract

In Software-Defined Networks, the Intrusion Detection System is receiving growing attention, due to the expansion of the internet and cloud storage. This system is vital for institutions that use cloud services and have many users. Although the Intrusion Detection System offers several security features, its performance is lagging behind in large enterprise’s networks. Existing approaches are based on centralised processing and use many features to implement a protection system. Therefore, system overload and poor performance occur at the controller and OpenFlow switches. As a result, the current solutions create issues that must be considered, especially when they are implemented on large networks. Furthermore, enhancements in security applications improve the reliability of networks. Following a literature review of the existing Intrusion Detection Systems, this paper presents a new model that offers decentralised processing and exchanges data over a trusted, independent channel, in order to solve issues relating to system overload and poor performance. Our model utilises an appropriate feature selection method to reduce the number of extracted features and minimise the data transmitted over the channels. Additionally, the Naive Bayes algorithm has been employed for flow classification purposes, since it is a fast classifier. We successfully implemented our framework, using the Mininet emulator, which provides a suitable networking environment. Evaluations indicate that our proposed system can detect various attacks with an accuracy of 98.46% and nominal decreasing rates of 1.5% in throughput and 0.7% in latency analyses, when the model is implemented in wide range networks.
Original languageEnglish
Number of pages12
JournalIEEE Access
Early online date21 Jun 2022
DOIs
Publication statusE-pub ahead of print - 21 Jun 2022

Keywords

  • Naive Bayes - Protection System based Distribution Process (NB-PSDP)
  • Naive Bayes (NB)
  • Software-Defined Network (SDN)
  • Intrusion Detection System (IDS)
  • Machine Learning (ML)
  • Distribution Process
  • CSE-CIC-IDS2018 dataset

Fingerprint

Dive into the research topics of 'Overhead Reduction Technique for Software-Defined Network based Intrusion Detection Systems'. Together they form a unique fingerprint.

Cite this