Abstract
Traditional network administration required manual programming of routing policies and related parameters on specific routers and switches, which was expensive. Therefore, software-defined networking (SDN) technology has been introduced, which has boosted flexibility and decreased hardware development costs by centralizing network management. Since intrusion detection is vital in the SDN environment, this centralized architecture makes information security vulnerable to network threats. To evaluate and recognize these attacks, many researchers have recently adopted cutting-edge approaches like machine learning. However, most of these methods are not very accurate and scalable. To address this issue, this paper proposes an EfficientNetV2-RegNet-based effective deep learning technique. It effectively extracted the network features and classified the intrusions in SDN-based IoT (Internet of Things). Afterwards, an effective mitigation process was performed by a remote SDN controller to mitigate the assaults and reconfigure the network resources for trusted network hosts. Furthermore, the Conditional Generative Adversarial Network (CGAN) based data augmentation approach efficiently tackles the data imbalance issue. The most recent realistic datasets, named InSDN and IoT-23, were utilized to train and assess the presented framework to validate its efficiency. The results of the experiments demonstrated that the suggested system surpassed competitors in identifying various attack types and achieved 99.53 and 99.56% accuracy for IoT-23 and InSDN datasets, correspondingly.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Data availability
Not applicable.
References
Luo, K.: A distributed SDN-based intrusion detection system for IoT using optimized forests. PLoS ONE 18(8), e0290694 (2023)
Kumar, C., Biswas, S., Ansari, M.S.A., Govil, M.C.: Nature-inspired intrusion detection system for protecting software-defined networks controller. Comput. Secur. 134, 103438 (2023)
Shaji, N.S., Muthalagu, R., Pawar, P.M.: SD-IIDS: intelligent intrusion detection system for software-defined networks. Multimedia Tools and Applications, 1–33 (2023)
Kou, L., Ding, S., Wu, T., Dong, W., Yin, Y.: An intrusion detection model for drone communication network in sdn environment. Drones 6(11), 342 (2022)
Duy, P.T., Khoa, N.H., Do Hoang, H., Pham, V.H.: Investigating on the robustness of flow-based intrusion detection system against adversarial samples using generative adversarial networks. J. Inform. Secur. Appl. 74, 103472 (2023)
Imran, M., Haider, N., Shoaib, M., Razzak, I.: An intelligent and efficient network intrusion detection system using deep learning. Comput. Electr. Eng. 99, 107764 (2022)
Talukder, M.A., Hasan, K.F., Islam, M.M., Uddin, M.A., Akhter, A., Yousuf, M.A., Moni, M.A.: A dependable hybrid machine learning model for network intrusion detection. J. Inform. Security Appl. 72, 103405 (2023)
Bhardwaj, A., Tyagi, R., Sharma, N., Khare, A., Punia, M.S., Garg, V.K.: Network intrusion detection in software defined networking with self-organized constraint-based intelligent learning framework. Meas. Sens 24, 100580 (2022)
Kasongo, S.M.: A deep learning technique for intrusion detection system using a recurrent neural networks based framework. Comput. Commun. 199, 113–125 (2023)
Alzahrani, A.O., Alenazi, M.J.: ML-IDSDN: Machine learning based intrusion detection system for software-defined network. Concurr. Comput. Pract. Exp. 35(1), e7438 (2023)
Tayfour, O.E., Mubarakali, A., Tayfour, A.E., Marsono, M.N., Hassan, E., Abdelrahman, A.M.: Adapting deep learning-LSTM method using optimized dataset in SDN controller for secure IoT. Soft Comput. (2023). https://doi.org/10.1007/s00500-023-08348-w
Bour, H., Abolhasan, M., Jafarizadeh, S., Lipman, J., Makhdoom, I.: A multilayered intrusion detection system for software defined networking. Comput. Electr. Eng. 101, 108042 (2022)
Qureshi, S.S., He, J., Qureshi, S., Zhu, N., Zardari, Z.A., Mahmood, T., Wajahat, A.: SDN-enabled deep learning based detection mechanism (DDM) to tackle DDoS attacks in IoTs. J. Intell. Fuzzy Syst. 44(6), 10675–10687 (2023)
Alshammari, T.M., Alserhani, F.M.: Scalable and robust intrusion detection system to secure the iot environments using software defined networks (SDN) enabled architecture. Int. J. Comput. Networks Appl 9(6), 678–688 (2022)
Jadhav, K.P., Arjariya, T., Gangwar, M.: Hybrid-Ids: an approach for intrusion detection system with hybrid feature extraction technique using supervised machine learning. Int. J. Intell. Syst. Appl. Eng. 11(5s), 591–597 (2023)
Wang, J., Wang, L.: SDN-Defend: a lightweight online attack detection and mitigation system for DDoS attacks in SDN. Sensors 22(21), 8287 (2022)
Al Razib, M., Javeed, D., Khan, M.T., Alkanhel, R., Muthanna, M.S.A.: Cyber threats detection in smart environments using SDN-enabled DNN-LSTM hybrid framework. IEEE Access 10, 53015–53026 (2022)
Hnamte, V., Hussain, J.: Dependable intrusion detection system using deep convolutional neural network: a Novel framework and performance evaluation approach. Telemat. Inform Rep. 11, 100077 (2023)
Maheshwari, A., Mehraj, B., Khan, M.S., Idrisi, M.S.: An optimized weighted voting based ensemble model for DDoS attack detection and mitigation in SDN environment. Microprocess. Microsyst. 89, 104412 (2022)
Ravi, V., Chaganti, R., Alazab, M.: Deep learning feature fusion approach for an intrusion detection system in SDN-based IoT networks. IEEE Internet Things Mag. 5(2), 24–29 (2022)
Maray, M., MesferAlshahrani, H., Alissa, A.K., Alotaibi, N., Gaddah, A., Meree, A., Ahmed Hamza, M.: Optimal deep learning driven intrusion detection in SDN-Enabled IoT environment. Comput. Mater. Continua. 74(3), 6587–6604 (2022)
Logeswari, G., Bose, S., Anitha, T.: An intrusion detection system for sdn using machine learning. Intell. Autom. Soft Comput. 35(1), 867–880 (2023)
Aslam, M., Ye, D., Tariq, A., Asad, M., Hanif, M., Ndzi, D., Jilani, S.F.: Adaptive machine learning based distributed denial-of-services attacks detection and mitigation system for SDN-enabled IoT. Sensors 22(7), 2697 (2022)
El Sayed, M.S., Le-Khac, N.A., Azer, M.A., Jurcut, A.D.: A flow-based anomaly detection approach with feature selection method against ddos attacks in sdns. IEEE Trans. Cognitive Commun. Netw. 8(4), 1862–1880 (2022)
Elsayed, R.A., Hamada, R.A., Abdalla, M.I., Elsaid, S.A.: Securing IoT and SDN systems using deep-learning based automatic intrusion detection. Ain Shams Eng. J. 14(10), 102211 (2023)
Ferrão, T., Manene, F., Ajibesin, A.A.: Multi-attack intrusion detection system for software-defined internet of things network. Comput. Mater. Continua. (2023). https://doi.org/10.32604/cmc.2023.038276
Arun Prasad, P.B., Mohan, V., Vinoth Kumar, K.: Hybrid metaheuristics with deep learning enabled cyberattack prevention in software defined networks. Tehnički Vjesnik 31(1), 208–214 (2024)
Polat, O., Türkoğlu, M., Polat, H., Oyucu, S., Üzen, H., Yardımcı, F., Aksöz, A.: Multi-stage learning framework using convolutional neural network and decision tree-based classification for detection of DDoS pandemic attacks in SDN-based SCADA systems. Sensors 24(3), 1040 (2024)
Said, R.B., Sabir, Z., Askerzade, I.: CNN-BiLSTM: A hybrid deep learning approach for network intrusion detection system in software defined networking with hybrid feature selection. IEEE Access. 11, 138732–138747 (2023). https://doi.org/10.1109/ACCESS.2023.3340142
Friha, O., Ferrag, M.A., Shu, L., Maglaras, L., Choo, K.K.R., Nafaa, M.: FELIDS: Federated learning-based intrusion detection system for agricultural internet of things. J. Parallel Distrib. Comput. 165, 17–31 (2022)
Abdallah, M., An Le Khac, N., Jahromi, H., Delia Jurcut, A.: A hybrid CNN-LSTM based approach for anomaly detection systems in SDNs. In: Proceedings of the 16th International Conference on Availability, Reliability and Security, p 1–7 (2021)
Safwan, H., Iqbal, Z., Amin, R., Khan, M.A., Alhaisoni, M., Alqahtani, A., Chang, B.: An IoT environment based framework for intelligent intrusion detection. CMC Comput. Mater. Continua. 75(2), 2365–2381 (2023)
Alshra’a, A.S., Farhat, A., Seitz, J.: Deep learning algorithms for detecting denial of service attacks in software-defined networks. Procedia Comput. Sci. 191, 254–263 (2021)
Elsayed, M.S., Jahromi, H.Z., Nazir, M.M., Jurcut, A.D.: The role of CNN for intrusion detection systems: An improved CNN learning approach for SDNs. In: International Conference on Future Access Enablers of Ubiquitous and Intelligent Infrastructures. Springer International Publishing, Cham, p 91–104 (2021)
Gyamfi, E., Jurcut, A.D.: Novel online network intrusion detection system for industrial iot based on oi-svdd and as-elm. IEEE Internet Things J. 10(5), 3827–3839 (2022)
Sanju, P.: Enhancing intrusion detection in IoT systems: a hybrid metaheuristics-deep learning approach with ensemble of recurrent neural networks. J. Eng. Res. (2023). https://doi.org/10.1016/j.jer.2023.100122
Abdalgawad, N., Sajun, A., Kaddoura, Y., Zualkernan, I.A., Aloul, F.: Generative deep learning to detect cyberattacks for the IoT-23 dataset. IEEE Access 10, 6430–6441 (2021)
Hamza, A.A., Abdel Halim, I.T., Sobh, M.A., Bahaa-Eldin, A.M.: HSAS-MD analyzer: a hybrid security analysis system using model-checking technique and deep learning for malware detection in IoT apps. Sensors 22(3), 1079 (2022)
Sahu, A.K., Sharma, S., Tanveer, M., Raja, R.: Internet of things attack detection using hybrid deep learning model. Comput. Commun. 176, 146–154 (2021)
Kolhar, M., Aldossary, S.M.: DL-Powered anomaly identification system for enhanced IoT data security. Comput. Mater. Continua. 77(3), 2857–2857 (2023)
Bhandari, G., Lyth, A., Shalaginov, A., Grønli, T.M.: Distributed deep neural-network-based middleware for cyber-attacks detection in smart IoT ecosystem: a novel framework and performance evaluation approach. Electronics 12(2), 298 (2023)
Acknowledgements
We declare that this manuscript is original, has not been published before, and is not currently being considered for publication elsewhere.
Author information
Authors and Affiliations
Contributions
The author confirms sole responsibility for the following: study conception and design, data collection, analysis and interpretation of results, and manuscript preparation.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Ethical approval
This material is the author’s original work, which has yet to be previously published elsewhere. The paper reflects the author’s research and analysis truthfully and completely.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendices
Appendix
Appendix-I
InSDN dataset | IoT-23 dataset | ||||||||
|---|---|---|---|---|---|---|---|---|---|
Attack types | Original Samples | After removing duplicate record | Newly generated samples | After augmentation | Attack types | Original Samples | After removing duplicate records | Newly generated samples | After augmentation |
Normal | 68,424 | – | 0 | 68,424 | Benign | 30,858,735 | 2,113,860 | To maintain dataset balance, certain samples are eliminated | 68,424 |
DDoS | 121,942 | – | To maintain dataset balance, certain samples are eliminated | 68,424 | DDoS | 19,538,713 | 3,643,225 | To maintain dataset balance, certain samples are eliminated | 68,424 |
DoS | – | 14,808 | 68,424 | Mirai | 9400 | 9400 | 59,024 | 68,424 | |
Probe | – | To maintain dataset balance, certain samples are eliminated | 68,424 | Okiru | 60,990,711 | 234,942 | To maintain dataset balance, certain samples are eliminated | 68,424 | |
Botnet | 164 | – | 68,260 | 68,424 | Torii | 30 | 30 | 68,394 | 68,424 |
Password | 1405 | – | 67,019 | 68,424 | PartofHorizontalPortScan | 213,853,817 | 369,525 | To maintain dataset balance, certain samples are eliminated | 68,424 |
Web-attack | 192 | – | 68,424 | Heart beat | 34,518 | 22,982 | 45,442 | 68,424 | |
U2R | 17 | – | 68,407 | 68,424 | FileDownload | 71 | 71 | 68,353 | 68,424 |
Command and control | 21,995 | 18,939 | 49,485 | 68,424 | |||||
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Swathi, B., Kolisetty, S.S., Sivanarayana, G.V. et al. Efficientnetv2-RegNet: an effective deep learning framework for secure SDN based IOT network. Cluster Comput 27, 10653–10670 (2024). https://doi.org/10.1007/s10586-024-04498-0
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-024-04498-0