https://doi.org/10.3390/s22197436 ·
Видання: Sensors, 2022, №19, с.7436
Видавець: MDPI AG
Автори: Lifeng Lei, Liang Kou, Xianghao Zhan, Jilin Zhang, Yongjian Ren
Анотація
With the advent of the digital information age, new data services such as virtual reality, industrial Internet, and cloud computing have proliferated in recent years. As a result, it increases operator demand for 5G bearer networks by providing features such as high transmission capacity, ultra-long transmission distance, network slicing, and intelligent management and control. Software-defined networking, as a new network architecture, intends to increase network flexibility and agility and can better satisfy the demands of 5G networks for network slicing. Nevertheless, software-defined networking still faces the challenge of network intrusion. We propose an abnormal traffic detection method based on the stacking method and self-attention mechanism, which makes up for the shortcoming of the inability to track long-term dependencies between data samples in ensemble learning. Our method utilizes a self-attention mechanism and a convolutional network to automatically learn long-term associations between traffic samples and provide them to downstream tasks in sample embedding. In addition, we design a novel stacking ensemble method, which computes the sample embedding and the predicted values of the heterogeneous base learner through the fusion module to obtain the final outlier results. This paper conducts experiments on abnormal traffic datasets in the software-defined network environment, calculates precision, recall and F1-score, and compares and analyzes them with other algorithms. The experimental results show that the method designed in this paper achieves 0.9972, 0.9996, and 0.9984 in multiple indicators of precision, recall, and F1-score, respectively, which are better than the comparison methods.
Джерела фінансування
- Key Technology Research and Development Program of the Zhejiang Province
- National Natural Science Foundation of China
Список літератури
- McKeown, OpenFlow: Enabling innovation in campus networks, ACM SIGCOMM Comput. Commun. Rev., № 38, с. 69
https://doi.org/10.1145/1355734.1355746 - Ali, A Survey of Securing Networks Using Software Defined Networking, IEEE Trans. Reliab., № 64, с. 1086
https://doi.org/10.1109/TR.2015.2421391 - Rawat, Software defined networking architecture, security and energy efficiency: A survey, IEEE Commun. Surv. Tutor., № 19, с. 325
https://doi.org/10.1109/COMST.2016.2618874 - Bian, S., Zhang, P., and Yan, Z. (2016, January 18–20). A survey on software-defined networking security. Proceedings of the 9th EAI International Conference on Mobile Multimedia Communications, Xi’an, China.
https://doi.org/10.4108/eai.18-6-2016.2264176 - Xu, Research Development of Abnormal Traffic Detection in Software Defined Networking, J. Softw., № 31, с. 25
- Scott-Hayward, S., O’Callaghan, G., and Sezer, S. (2013, January 11–13). SDN security: A survey. Proceedings of the 2013 IEEE SDN for Future Networks and Services (SDN4FNS), Trento, Italy.
https://doi.org/10.1109/SDN4FNS.2013.6702553 - Hinton, A fast learning algorithm for deep belief nets, Neural Comput., № 18, с. 1527
https://doi.org/10.1162/neco.2006.18.7.1527 - Jackson, K., DuBois, D., and Stallings, C. (1991, January 1–4). An expert system application for network intrusion detection. Proceedings of the National Computer Security Conference, Washington, DC, USA.
- Javitz, H.S., and Valdes, A. (1991, January 20–22). The SRI IDES statistical anomaly detector. Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, USA.
- Sekar, R., Gupta, A., Frullo, J., Shanbhag, T., Tiwari, A., Yang, H., and Zhou, S. (2002, January 18–22). Specification-based anomaly detection: A new approach for detecting network intrusions. Proceedings of the CCS02: ACM Conference on Computer and Communications Security, Washington, DC, USA.
https://doi.org/10.1145/586143.586146 - Bauer, D.S., and Koblentz, M.E. NIDX—An expert system for real-time network intrusion detection. In Proceedings of the 1988 Computer Networking Symposium, Washington, DC, USA, 11–13 April 1988.
- Sinclair, C., Pierce, L., and Matzner, S. (1999, January 6–10). An application of machine learning to network intrusion detection. Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC’99), Phoenix, AZ, USA.
- Goldstein, M., and Dengel, A. (2012, January 24–27). Histogram-based outlier score (hbos): A fast unsupervised anomaly detection algorithm. Proceedings of the KI-2012: Poster and Demo Track, Saarbrücken, Germany.
- Wang, Statistical traffic anomaly detection in time-varying communication networks, IEEE Trans. Control Netw. Syst., № 2, с. 100
https://doi.org/10.1109/TCNS.2014.2378631 - Thottan, Anomaly detection in IP networks, IEEE Trans. Signal Process., № 51, с. 2191
https://doi.org/10.1109/TSP.2003.814797 - Buschkes, R., Kesdogan, D., and Reichl, P. (1998, January 7–11). How to increase security in mobile networks by anomaly detection. Proceedings of the 14th Annual Computer Security Applications Conference (Cat. No. 98EX217), Phoenix, AZ, USA.
- Sarasamma, Hierarchical Kohonenen Net for anomaly detection in network security, IEEE Trans. Syst. Man Cybern. Part B Cybern., № 35, с. 302
https://doi.org/10.1109/TSMCB.2005.843274 - Dimitriadis, Anomaly detection in network traffic based on statistical inference and α-stable modeling, IEEE Trans. Dependable Secur. Comput., № 8, с. 494
https://doi.org/10.1109/TDSC.2011.14 - Sui, S., Li, L., and Manikopoulo, C.N. (2006, January 23–25). Flow-based Statistical Aggregation Schemes for Network Anomaly Detection. Proceedings of the 2006 IEEE International Conference on Networking, Sensing and Control, Ft. Lauderdale, FL, USA.
- Nevat, Anomaly detection and attribution in networks with temporally correlated traffic, IEEE/ACM Trans. Netw., № 26, с. 131
https://doi.org/10.1109/TNET.2017.2765719 - Qu, D., Vetter, B.M., Wang, F., Narayan, R., Wu, S.F., Jou, Y.F., Gong, F., and Sargor, C. (1998, January 13–16). Statistical anomaly detection for link-state routing protocols. Proceedings of the Sixth International Conference on Network Protocols (Cat. No. 98TB100256), Austin, TX, USA.
- Soule, A., Salamatian, K., and Taft, N. (2005, January 19–21). Combining filtering and statistical methods for anomaly detection. Proceedings of the 5th ACM SIGCOMM Conference on Internet Measurement, Berkeley, CA, USA.
https://doi.org/10.1145/1330107.1330147 - Li, Z., Zhao, Y., Botta, N., Ionescu, C., and Hu, X. (2020). COPOD: Copula-based outlier detection. arXiv.
https://doi.org/10.1109/ICDM50108.2020.00135 - Maimo, A Self-Adaptive Deep Learning-Based System for Anomaly Detection in 5G Networks, IEEE Access, № 6, с. 7700
https://doi.org/10.1109/ACCESS.2018.2803446 - Van, N.T., Thinh, T.N., and Sach, L.T. (2017, January 21–23). An anomaly-based network intrusion detection system using Deep learning. Proceedings of the 2017 International Conference on System Science and Engineering (ICSSE), Ho Chi Minh City, Vietnam.
- Garg, A hybrid deep learning-based model for anomaly detection in cloud datacenter networks, IEEE Trans. Netw. Serv. Manag., № 16, с. 924
https://doi.org/10.1109/TNSM.2019.2927886 - Tang, T.A., Mhamdi, L., McLernon, D., Zaidi, S.A.R., and Ghogho, M. (2016, January 26–29). Deep learning approach for Network Intrusion Detection in Software Defined Networking. Proceedings of the 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM), Fez, Morocco.
https://doi.org/10.1109/WINCOM.2016.7777224 - Garg, Hybrid deep-learning-based anomaly detection scheme for suspicious flow detection in SDN: A social multimedia perspective, IEEE Trans. Multimed., № 21, с. 566
https://doi.org/10.1109/TMM.2019.2893549 - Yang, L., Song, Y., Gao, S., Xiao, B., and Hu, A. (2020, January 7–11). Griffin: An Ensemble of AutoEncoders for Anomaly Traffic Detection in SDN. Proceedings of the GLOBECOM 2020—2020 IEEE Global Communications Conference, Taipei, Taiwan.
https://doi.org/10.1109/GLOBECOM42002.2020.9322187 - Ujjan, Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN, Future Gener. Comput. Syst., № 111, с. 763
https://doi.org/10.1016/j.future.2019.10.015 - Elsayed, InSDN: A novel SDN intrusion dataset, IEEE Access, № 8, с. 165263
https://doi.org/10.1109/ACCESS.2020.3022633
Публікації, які цитують цю публікацію
A Routing Optimization Method for Software-Defined Optical Transport Networks Based on Ensembles and Reinforcement Learning
Junyan Chen, Wei Xiao, Xinmei Li, Yang Zheng, Xuefeng Huang, Danli Huang, Min Wang
https://doi.org/10.3390/s22218139 ·
2022, Sensors, №21, с.8139
Scopus
WoS
Цитувань Crossref:13
Applying machine learning enabled myriad fragment empirical modes in 5G communications to detect profile injection attacks
Mohammed S. Alzaidi, Piyush Kumar Shukla, V. Sangeetha, Karuna Nidhi Pandagre, Vinodh Kumar Minchula, Sachin Sharma, Arfat Ahmad Khan, V. Prashanth
https://doi.org/10.1007/s11276-023-03301-z ·
2023, Wireless Networks, №6, с.5533-5546
Scopus
WoS
Цитувань Crossref:2
Machine Learning Approach to Intrusion Detection: Performance Evaluation
Vishal Giraddi, Shantala Giraddi, Narayan D G, Anupama Bidaragaddi, Suvarna G Kanakareddi
https://doi.org/10.1016/j.procs.2024.04.176
2024, Procedia Computer Science, с.1851-1859
Scopus
Цитувань Crossref:0
Multi-scale convolutional auto encoder for anomaly detection in 6G environment
Shtwai Alsubai, Muhammad Umer, Nisreen Innab, Stavros Shiaeles, Michele Nappi
https://doi.org/10.1016/j.cie.2024.110396 ·
2024, Computers & Industrial Engineering, с.110396
Scopus
WoS
Цитувань Crossref:0
Traffic Feature Selection and Distributed Denial of Service Attack Detection in Software-Defined Networks Based on Machine Learning
Daoqi Han, Honghui Li, Xueliang Fu, Shuncheng Zhou
https://doi.org/10.3390/s24134344 ·
2024, Sensors, №13, с.4344
Scopus
WoS
Цитувань Crossref:0
Real-Time Intrusion Detection and Prevention System for 5G and beyond Software-Defined Networks
Razvan Bocu, Maksim Iavich
https://doi.org/10.3390/sym15010110 ·
2022, Symmetry, №1, с.110
Scopus
WoS
Цитувань Crossref:2
Знайти всі цитування публікації