Research on Traffic Anomaly Detection Based on SDN Architecture

Journal: Architecture Engineering and Science

DOI: 10.32629/aes.v4i1.1162

Xiangxiao Chen, Xin Cui, Kangtao Wang, Qin Du

College of Computer Science and Technology, Shandong University of Technology, Zibo 255000, Shandong, China

Abstract

With the development of science and technology, networks are also developing rapidly. The software-defined network (SDN) addresses defects of the traditional network architecture and is regarded as the development direction of future networks. Its main feature is the separation and decoupling of the data forwarding and routing control modules of traditional network equipment. The SDN controller uses the standardized OpenFlow interface protocol to manage and configure devices from various manufacturers, which improves the network's horizontal expansion capability, optimizes underlying infrastructure resources, and extends the elasticity of the SDN network. However, controllers are vulnerable to attacks that render the entire network inoperable. To address this problem, machine-learning-based abnormal traffic detection is proposed to remedy the low detection rate of abnormal network traffic. The large amount of data and its high dimensionality affect the efficiency and accuracy of machine learning, so the dimensionality of the data must be reduced to improve both. S-FastICA (Softsign FastICA), a fast independent component analysis (FastICA) dimensionality reduction algorithm, is introduced; it uses a fixed-point iterative optimization algorithm, which makes convergence faster and more robust. Because the traditional Stacking model has low accuracy, the EIE-Stacking (Ensemble in Ensemble Stacking) model is used to improve the first-layer base learners, and the improved model effectively improves prediction accuracy. To verify the authenticity and effectiveness of the experiment, the KDDCUP99, NSLKDD and UNSW-NB15 data sets were used; the S-FastICA algorithm was compared with the traditional FastICA algorithm, and the EIE-Stacking machine learning model was compared with the traditional Stacking model. The experimental results show that accuracy, F1 score, recall and precision are all improved, and that the algorithm proposed in this paper is valid and effective.

Keywords

machine learning, network architecture, SDN, FastICA, ensemble learning, abnormal traffic detection

Copyright © 2023 Xiangxiao Chen, Xin Cui, Kangtao Wang, Qin Du

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License