Conference Paper


A hierarchical Intrusion Detection System using support vector machine for SDN network in cloud data center

Abstract

Software-Defined Networks (SDN) has emerged as a dominant programmable network architecture for cloud based data centers. Its centralised programmable control plane decoupled from the data plane with a global view of the network state provides new opportunities to implement innovate security mechanisms. This research leverages this features of SDN and presents the architecture of a hierarchical and lightweight Intrusion Detection System (IDS) for software enabled networks by exploiting the concept of SDN flows. It combines advantages of a flow-based IDS and a packet-based IDS in order to provide a high detection rate without degrading network performances. The flow-based IDS uses an anomaly detection algorithm based on Support Vector Machines (SVM) trained with DARPA Intrusion Detection Dataset . This first line of defence detects any intrusions on the network. When an attack is detected, the malicious flow is mirrored to a packet-based IDS, for further examination and actions. The results show that this scheme provides good detection rates and performances with minimal extra overhead.

Attached files

Authors

Basu, Kashinath
Younas, Muhammad
Schueller, Quentin
Patel, Mohit
Ball, Frank

Oxford Brookes departments

Faculty of Technology, Design and Environment\School of Engineering, Computing and Mathematics

Dates

Year of publication: 2019
Date of RADAR deposit: 2018-09-13


Creative Commons License This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License


Related resources

This RADAR resource is the Accepted Manuscript of A hierarchical Intrusion Detection System using support vector machine for SDN network in cloud data center

Details

  • Owner: Joseph Ripp
  • Collection: Outputs
  • Version: 1 (show all)
  • Status: Live
  • Views (since Sept 2022): 459