On a Hybrid BiLSTM-GCNN-Based Approach for Attack Detection in SDN

Zhulian Chen, Aiqin Hou, Chase Q. Wu, Xinji Qu, Yukun Wang, Le Ru

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Software-Defined Networking (SDN) is a promising technology for the future Internet. However, the SDN paradigm opens the door to new attack vectors that do not exist in traditional networks, such as flow table overflow attacks and flow rule injection attacks, which traditional intrusion detection systems are no longer sufficient to identify. To address this problem, we propose a new method that uses deep learning for attack detection in an SDN environment. In this method, we first utilize fisher score to remove insignificant features, then design a network model combining bi-directional long short-term memory network (BiLSTM) and gated convolutional neural network (GCNN) to capture the spatio-temporal features of network traffic, and finally use a fully connected layer to perform seven classifications of data. We choose focal loss as the loss function due to the imbalance of samples. The proposed model is evaluated based on the InSDN dataset, which is the latest IDS dataset developed specifically for SDN environments, and the CIC-IDS2017 dataset. The results show that the proposed model improves the performance for anomaly detection and achieves an accuracy of 99.80% and 98.85% on the InSDN and CIC-IDS2017 datasets, respectively. This level of detection accuracy provides great confidence in protecting SDN networks from anomalous traffic.

Original languageEnglish (US)
Title of host publicationProceedings - 2023 IEEE International Conference on High Performance Computing and Communications, Data Science and Systems, Smart City and Dependability in Sensor, Cloud and Big Data Systems and Application, HPCC/DSS/SmartCity/DependSys 2023
EditorsJinjun Chen, Laurence T. Yang
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages233-240
Number of pages8
ISBN (Electronic)9798350330014
DOIs
StatePublished - 2023
Event25th IEEE International Conferences on High Performance Computing and Communications, 9th International Conference on Data Science and Systems, 21st IEEE International Conference on Smart City and 9th IEEE International Conference on Dependability in Sensor, Cloud and Big Data Systems and Applications, HPCC/DSS/SmartCity/DependSys 2023 - Melbourne, Australia
Duration: Dec 13 2023Dec 15 2023

Publication series

NameProceedings - 2023 IEEE International Conference on High Performance Computing and Communications, Data Science and Systems, Smart City and Dependability in Sensor, Cloud and Big Data Systems and Application, HPCC/DSS/SmartCity/DependSys 2023

Conference

Conference25th IEEE International Conferences on High Performance Computing and Communications, 9th International Conference on Data Science and Systems, 21st IEEE International Conference on Smart City and 9th IEEE International Conference on Dependability in Sensor, Cloud and Big Data Systems and Applications, HPCC/DSS/SmartCity/DependSys 2023
Country/TerritoryAustralia
CityMelbourne
Period12/13/2312/15/23

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Computer Networks and Communications
  • Information Systems
  • Information Systems and Management
  • Energy Engineering and Power Technology
  • Safety, Risk, Reliability and Quality
  • Instrumentation
  • Urban Studies

Keywords

  • BiLSTM
  • Fisher Score
  • Focal Loss
  • GCNN
  • Intrusion Detection System
  • Software-Defined Networking

Fingerprint

Dive into the research topics of 'On a Hybrid BiLSTM-GCNN-Based Approach for Attack Detection in SDN'. Together they form a unique fingerprint.

Cite this