Deep Neural Network with Dropout for Anomaly Detection in Software Defined Networking
Zaid Khalaf Hussein1, Ban N. Dhannoon2
1Zaid Khalaf Hussein, Department of Computer Science, College of Science, AL-Nahrain University, Baghdad, IRAQ
2Ban N. Dhannoon, Department of Computer Science, College of Science, AL-Nahrain University, Baghdad, IRAQ.
Manuscript received on 22 August 2019. | Revised Manuscript received on 03 September 2019. | Manuscript published on 30 September 2019. | PP: 4084-4090 | Volume-8 Issue-11, September 2019. | Retrieval Number: K17100981119/2019©BEIESP | DOI: 10.35940/ijitee.K1710.0981119
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: A novel anomaly detection-based NIDS is main demand in the computer networking security for discriminating malicious software attack at the early stage. It monitors and analyzes network traffics, checking abnormal behaviors or attack signatures. The detection rate or accuracy is the prerequisite in the network intrusion detection models, also, developing adaptive and flexible model is a critical challenge regarding to unseen attack. This search paper included the deep neural network (DNN) as anomaly detection model can be used within software defined networking (SDN). Dropout technique is used to prevent DNN model from overfitting. Six features have information about the flow were chosen from NSL-KDD dataset to fit and evaluate this model, these data features could be matched to packet-in message header values, also, these features enable the model to be a good generative, and well perform on intrusion recognition issue with a subset of the data. Cross entropy loss function with SoftMax output layer were used for getting the differences between the two different distribution and mapping to multiple class classification covered five class labels, one is normal and the others are attacks (Dos, R2L, U2L and Probe). Accuracy is a comparative metric utilized for assessing the model performance. The results are promising, where accuracy achieved 92.65%.
Keywords: Software Defined Networking, Deep Neural Network, Dropout, and NSL-KDD dataset
Scope of the Article: Software Defined Networking and Network Function Virtualization