Intelligent Intrusion Detection in Software-Defined Networks Using a Hybrid Deep Learning Model with Feature Selection and Adaptive Thresholding
Keywords:
Software-Defined Networking (SDN), Intrusion Detection System (IDS), Hybrid Deep Learning, Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM), Feature Selection, Adaptive Thresholding, Cybersecurity, Network Traffic Analysis, Anomaly DetectioAbstract
Software-Defined Networks (SDNs) are gaining widespread adoption due to their centralized management and flexibility. However, these same traits make them vulnerable to sophisticated security threats. Traditional intrusion detection systems (IDSs) often fail to cope with the dynamic nature of SDNs and generate high false positive rates. This paper introduces an intelligent IDS framework combining hybrid deep learning (CNN + LSTM), feature selection, and adaptive thresholding. Feature selection reduces data dimensionality for improved efficiency, while adaptive thresholding dynamically adjusts decision boundaries to minimize false alarms. Evaluations on NSL-KDD and CICIDS2017 datasets show that the proposed system outperforms standalone models, offering superior accuracy and lower false positives.
References
Javaid, A., Niyaz, Q., Sun, W., & Alam, M. (2016). A Deep Learning Approach for Network Intrusion Detection System. EAI Endorsed Transactions on Security and Safety, 3(9), 1–7.
Tang, T. A., McLernon, D., & Ghogho, M. (2019). Deep Learning Approach for Network Intrusion Detection in Software Defined Networking. IEEE WINCOM, 1–6.
Kang, M., Kang, J. W., & Im, E. G. (2020). IDS using Deep Neural Network for Automotive Systems. PLOS ONE, 15(5), e0232822.
Yin, C., Zhu, Y., Fei, J., & He, X. (2017). A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks. IEEE Access, 5, 21954–21961.
Lopez-Martin, M., Carro, B., Sanchez-Esguevillas, A., & Lloret, J. (2017). CVAE for Feature Recovery in IDS for IoT. Sensors, 17(9), 1967.
Moustafa, N., & Slay, J. (2015). UNSW-NB15: A Dataset for IDS. MilCIS 2015, 1–6
Diro, A. A., & Chilamkurti, N., "Distributed Attack Detection Scheme Using Deep Learning Approach for Internet of Things," Future Generation Computer Systems, vol. 82, pp. 761–768, May 2018.
Liu, H., Lang, B., Liu, M., & Yan, H., "CNN and RNN Based Payload Classification Methods for Attack Detection," Knowledge-Based Systems, vol. 163, pp. 332–341, Jan. 2019.
Munaiah, N., & Kaushik, S., "Feature Selection for Network Intrusion Detection Using NSGA-II," IEEE Transactions on Cybernetics, vol. 49, no. 6, pp. 2228–2241, Jun. 2019.
Wang, W., Zhu, M., Zeng, X., Ye, X., & Sheng, Y., "Malware Traffic Classification Using Convolutional Neural Network for Representation Learning," 2017 International Conference on Information Networking (ICOIN), pp. 712–717.
Doshi, R., Apthorpe, N., & Feamster, N., "Machine Learning DDoS Detection for Consumer Internet of Things Devices," IEEE Security and Privacy Workshops, pp. 29–35, 2018.
Han, Y., Xiao, Y., & Deng, H., "Intrusion Detection Based on Conditional Variational Autoencoder for Internet of Things," IEEE Access, vol. 8, pp. 32464–32476, 2020.
Kim, G., Lee, S., & Kim, S., "A Novel Hybrid Intrusion Detection Method Integrating Anomaly Detection With Misuse Detection," Expert Systems with Applications, vol. 41, no. 4, pp. 1690–1700, Mar. 2014.
Nguyen, T. T., & Armitage, G., "A Survey of Techniques for Internet Traffic Classification Using Machine Learning," IEEE Communications Surveys & Tutorials, vol. 10, no. 4, pp. 56–76, 2008
