Anomaly Detection Technique for Intrusion Detection in SDN Environment using Continuous Data Stream Machine Learning Algorithms

Ribeiro, Admilson de Ribamar Lima; Santos, Reneilson; Nascimento, Anderson C. A.

doi:10.1109/syscon48628.2021.9447092

Cited by 6 publications

(5 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The value of q is determined using the Poisson distribution, utilizing the ratio between the size of the largest class and the size of the current data point's class as the value of 𝜆 argument in the Poisson distribution. The 𝜆 parameter of the Poisson distribution is computed for an instance of class i as follows: 𝜆 = Size maj Size i (7) where Size maj denotes the size of the majority class, and Size i denotes the size of class i. Consequently, the probability of replication is higher for instances of minority classes, while it is lower for instances of majority classes.…”

Section: Rarity Updated Ensemble With Oversamplingmentioning

confidence: 99%

“…On average, the proposed RUEO method performed better than all baseline algorithms on the real-world data in terms of both average-accuracy and G-Mean. Compared with synthetic data streams, real-world data streams better represent the fundamental challenges of data stream classification, including concept drift, a large number (3) 0.61 (7) 0.59 (9) 0.59 (11) 0.59 (10) of classes, and class imbalance. This has made the distinction between different ensemble classification algorithms more recognizable.…”

Section: Evaluation On Real-world Datasetsmentioning

confidence: 99%

“…Nowadays, as new technologies and requirements develop, instead of static data, we are faced with streams of data that are dynamic and are produced continuously. Data collected from IoT sensors [1,2], medical systems [3][4][5], computer networks traffic [6,7], credit card transactions [8,9], and daily tweets on the Twitter [10][11][12] are examples of data streams in the modern society. A data stream is an infinite sequence of consecutive data instances over time that may be generated at high speed.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Rarity updated ensemble with oversampling: An ensemble approach to classification of imbalanced data streams

Nouri,

Kiani,

Fadishei

2024

Statistical Analysis

View full text Add to dashboard Cite

Today's ever‐increasing generation of streaming data demands novel data mining approaches tailored to mining dynamic data streams. Data streams are non‐static in nature, continuously generated, and endless. They often suffer from class imbalance and undergo temporal drift. To address the classification of consecutive data instances within imbalanced data streams, this research introduces a new ensemble classification algorithm called Rarity Updated Ensemble with Oversampling (RUEO). The RUEO approach is specifically designed to exhibit robustness against class imbalance by incorporating an imbalance‐specific criterion to assess the efficacy of the base classifiers and employing an oversampling technique to reduce the imbalance in the training data. The RUEO algorithm was evaluated on a set of 20 data streams and compared against 14 baseline algorithms. On average, the proposed RUEO algorithm achieves an average‐accuracy of 0.69 on the real‐world data streams, while the chunk‐based algorithms AWE, AUE, and KUE achieve average‐accuracies of 0.48, 0.65, and 0.66, respectively. The statistical analysis, conducted using the Wilcoxon test, reveals a statistically significant improvement in average‐accuracy for the proposed RUEO algorithm when compared to 12 out of the 14 baseline algorithms. The source code and experimental results of this research work will be publicly available at https://github.com/vkiani/RUEO.

show abstract

Section: Rarity Updated Ensemble With Oversamplingmentioning

confidence: 99%

Section: Evaluation On Real-world Datasetsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Rarity updated ensemble with oversampling: An ensemble approach to classification of imbalanced data streams

Nouri,

Kiani,

Fadishei

2024

Statistical Analysis

View full text Add to dashboard Cite

show abstract

“…Yubo Zhai et al [29] proposed the use of random forest for intrusion detection with a 98% detection rate. Admilson de Ribamar Lima Ribeiro et al [30] used the OutlierDenStream algorithm for intrusion detection under SDN with an accuracy of 97.83%. However, it was only for DDoS attacks and did not have a strong generalization capability.…”

Section: Related Workmentioning

confidence: 99%

An Intrusion Detection Model for Drone Communication Network in SDN Environment

Kou

Ding

et al. 2022

Drones

View full text Add to dashboard Cite

Drone communication is currently a hot topic of research, and the use of drones can easily set up communication networks in areas with complex terrain or areas subject to disasters and has broad application prospects. One of the many challenges currently facing drone communication is the communication security issue. Drone communication networks generally use software defined network (SDN) architectures, and SDN controllers can provide reliable data forwarding control for drone communication networks, but they are also highly susceptible to attacks and pose serious security threats to drone networks. In order to solve the security problem, this paper proposes an intrusion detection model that can reach the convergence state quickly. The model consists of a deep auto-encoder (DAE), a convolutional neural network (CNN), and an attention mechanism. DAE is used to reduce the original data dimensionality and improve the training efficiency, CNN is used to extract the data features, the attention mechanism is used to enhance the important features of the data, and finally the traffic is detected and classified. We conduct tests using the InSDN dataset, which is collected from an SDN environment and is able to verify the effectiveness of the model on SDN traffic. The experiments utilize the Tensorflow framework to build a deep learning model structure, which is run on the Jupyter Notebook platform in the Anaconda environment. Compared with the CNN model, the LSTM model, and the CNN+LSTM hybrid model, the accuracy of this model in binary classification experiments is 99.7%, which is about 0.6% higher than other comparison models. The accuracy of the model in the multiclassification experiment is 95.5%, which is about 3% higher than other comparison models. Additionally, it only needs 20 to 30 iterations to converge, which is only one-third of other models. The experiment proves that the model has fast convergence speed and high precision and is an effective detection method.

show abstract

“…The existing Cuda-Deep Neural Network (DNN)-Gated Recurrent Unit (GRU), i.e., Cu-DNNGRU and Cuda-bidirectional LSTM (Cu-BLSTM) methods, were implemented for an effectual threat detection outcome. Ribeiro et al [16] introduced an anomaly-related technique that employed the ML approaches over continuous data streams for the purpose of identifying intrusions in the SDN-enabled IoT atmosphere. In order to characterize the anomalies, the author examined structure assault, a type of DDoS assault.…”

Section: Introductionmentioning

confidence: 99%

Enhanced Crow Search with Deep Learning-Based Cyberattack Detection in SDN-IoT Environment

Motwakel¹,

Alrowais²,

Tarmissi³

et al. 2023

Intelligent Automation &Amp; Soft Computing

View full text Add to dashboard Cite

The paradigm shift towards the Internet of Things (IoT) phenomenon and the rise of edge-computing models provide massive potential for several upcoming IoT applications like smart grid, smart energy, smart home, smart health and smart transportation services. However, it also provides a sequence of novel cyber-security issues. Although IoT networks provide several advantages, the heterogeneous nature of the network and the wide connectivity of the devices make the network easy for cyber-attackers. Cyberattacks result in financial loss and data breaches for organizations and individuals. So, it becomes crucial to secure the IoT environment from such cyberattacks. With this motivation, the current study introduces an effectual Enhanced Crow Search Algorithm with Deep Learning-Driven Cyberattack Detection (ECSADL-CAD) model for the Software-Defined Networking (SDN)-enabled IoT environment. The presented ECSADL-CAD approach aims to identify and classify the cyberattacks in the SDN-enabled IoT environment. To attain this, the ECSADL-CAD model initially pre-processes the data. In the presented ECSADL-CAD model, the Reinforced Deep Belief Network (RDBN) model is employed for attack detection. At last, the ECSA-based hyperparameter tuning process gets executed to boost the overall classification outcomes. A series of simulations were conducted to validate the improved outcomes of the proposed ECSADL-CAD model. The experimental outcomes confirmed the superiority of the proposed ECSADL-CAD model over other existing methodologies.

show abstract

Anomaly Detection Technique for Intrusion Detection in SDN Environment using Continuous Data Stream Machine Learning Algorithms

Cited by 6 publications

References 14 publications

Rarity updated ensemble with oversampling: An ensemble approach to classification of imbalanced data streams

Rarity updated ensemble with oversampling: An ensemble approach to classification of imbalanced data streams

An Intrusion Detection Model for Drone Communication Network in SDN Environment

Enhanced Crow Search with Deep Learning-Based Cyberattack Detection in SDN-IoT Environment

Contact Info

Product

Resources

About