Mahmoud Abdallah, Nhien-An Le-Khac, Hamed Z. Jahromi, A. Jurcut
{"title":"A Hybrid CNN-LSTM Based Approach for Anomaly Detection Systems in SDNs","authors":"Mahmoud Abdallah, Nhien-An Le-Khac, Hamed Z. Jahromi, A. Jurcut","doi":"10.1145/3465481.3469190","DOIUrl":null,"url":null,"abstract":"Software-Defined Networking (SDN) is a promising technology for the future Internet. However, the SDN paradigm introduces new attack vectors that do not exist in the conventional distributed networks. This paper develops a hybrid Intrusion Detection System (IDS) by combining the Convolutional Neural Network (CNN) and Long Short-Term Memory Network (LSTM). The proposed model is capable of capturing the spatial and temporal features of the network traffic. Two regularization techniques i.e., L2 Regularization () and dropout method are used to overcome with the overfitting problem. The proposed method improves the intrusion detection performance of zero-day attacks. The InSDN dataset — the most recent dataset for SDN networks is used to test and evaluate the performance of the proposed model. The results indicate that integrating the CNN with LSTM improves the intrusion detection performance and achieves an accuracy of 96.32%. The estimated accuracy is higher than the accuracy of each individual model. In addition, it is established that the regularization techniques improves the performance of the CNN algorithms in detecting new intrusions when compared to the standard CNN. The findings of this study facilitates the development of robust IDS systems for SDN environment.","PeriodicalId":417395,"journal":{"name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","volume":"133 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"28","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 16th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3465481.3469190","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 28
Abstract
Software-Defined Networking (SDN) is a promising technology for the future Internet. However, the SDN paradigm introduces new attack vectors that do not exist in the conventional distributed networks. This paper develops a hybrid Intrusion Detection System (IDS) by combining the Convolutional Neural Network (CNN) and Long Short-Term Memory Network (LSTM). The proposed model is capable of capturing the spatial and temporal features of the network traffic. Two regularization techniques i.e., L2 Regularization () and dropout method are used to overcome with the overfitting problem. The proposed method improves the intrusion detection performance of zero-day attacks. The InSDN dataset — the most recent dataset for SDN networks is used to test and evaluate the performance of the proposed model. The results indicate that integrating the CNN with LSTM improves the intrusion detection performance and achieves an accuracy of 96.32%. The estimated accuracy is higher than the accuracy of each individual model. In addition, it is established that the regularization techniques improves the performance of the CNN algorithms in detecting new intrusions when compared to the standard CNN. The findings of this study facilitates the development of robust IDS systems for SDN environment.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
