C-RADAR: A Centralized Deep Learning System for Intrusion Detection in Software Defined Networks

TL;DR

This paper introduces C-RADAR, a deep learning system utilizing LSTM-Attn architecture for intrusion detection in SDNs, demonstrating superior accuracy and efficiency over traditional methods.

Contribution

It presents a novel deep learning approach specifically designed for SDN intrusion detection, combining LSTM and self-attention mechanisms.

Findings

Achieved an F1-score of 0.9721 in intrusion detection.

Outperformed traditional detection techniques in accuracy and efficiency.

Demonstrated adaptability to new attack patterns.

Abstract

The popularity of Software Defined Networks (SDNs) has grown in recent years, mainly because of their ability to simplify network management and improve network flexibility. However, this also makes them vulnerable to various types of cyber attacks. SDNs work on a centralized control plane which makes them more prone to network attacks. Research has demonstrated that deep learning (DL) methods can be successful in identifying intrusions in conventional networks, but their application in SDNs is still an open research area. In this research, we propose the use of DL techniques for intrusion detection in SDNs. We measure the effectiveness of our method by experimentation on a dataset of network traffic and comparing it to existing techniques. Our results show that the DL-based approach outperforms traditional methods in terms of detection accuracy and computational efficiency. The deep learning architecture that has been used in this research is a Long Short Term Memory Network and Self-Attention based architecture i.e. LSTM-Attn which achieves an Fl-score of 0.9721. Furthermore, this technique can be trained to detect new attack patterns and improve the overall security of SDNs.