Voting based Intrusion Detection Framework for Securing Software-Defined Networks

Software-defined networking (SDN) is an emerging paradigm in enterprise networks because of its flexible and cost-effective nature. By decoupling control and data plane, SDN can provide various defense solutions for securing futuristic networks. However, the architectural design and characteristics of SDN attract several severe attacks. Distributed Denial of Service (DDoS) is considered as a major destructive cyber attack that makes the services of controller unavailable for its legitimate users. In this research paper, an intrusion detection framework is proposed to detect DDoS attacks against SDN. The proposed framework relies on voting based ensemble model for the attack detection. Ensemble model is a combination of multiple machine learning classifiers for prediction of final results. In this research paper, we propose and analyze three ensemble models named as Voting-CMN, Voting-RKM, and Voting-CKM particularly to benchmarking datasets like UNSW-NB15, CICIDS2017, and NSL-KDD, respectively. For validation of the proposed models, a cross validation technique is used with the prediction algorithms. The effectiveness of proposed models is evaluated in terms of prominent metrics (accuracy, precision, recall, and F measure). Experimental results indicate that the proposed
models achieve better performance in terms of accuracy as compared to other existing models.