Titre : | Intrusion Detection based on Machine Learning techniques for Software Defined Networks |
Auteurs : | Narimen Lehat, Auteur ; Soheyb Ayad, Directeur de thèse |
Type de document : | Monographie imprimée |
Editeur : | Biskra [Algérie] : Faculté des Sciences Exactes et des Sciences de la Nature et de la Vie, Université Mohamed Khider, 2022 |
Format : | 1 vol. (161 p.) / couv. ill. en coul / 30 cm |
Langues: | Anglais |
Mots-clés: | Intrusion Detection System (IDS) ; DoS/DDoS attacks, Software Defined Network(SDN), Security, Machine Learning |
Résumé : |
As an emerged network paradigm that was developed to reduce network complexity,Software-defined networks (SDN) became widely implemented in different data centers’ network environments. Nevertheless, having vulnerabilities makes it prone to different attacks especially DoS and DDoS which tend to target the controller the most to have full access to the whole network which remains a true challenge for manufacturers to solve. Deploying and performing the intrusion detection systems and techniques for monitoring the malicious activities relies on the quality of the dataset. Therefore, the proposed models based on machine learning for this project are trained on the newly generated InSDN dataset to predict and detect the DoS/DDoS attacks that can occur in the different SDN platform elements.According to the obtained results, the ANN model that was trained on a specific set of selected features performed better than the Support Vector Machine and Random Forest classifiers. |
Sommaire : |
Table of Contents List of Abbreviations.I General Introduction III Chapter 1: Generalities1 1.1. Introduction .2 1.2. Software Defined Networking (SDN).2 1.2.1. History .2 1.2.2. SDN architecture.4 1.2.3. Application of SDN7 1.3. Security in SDN9 1.3.1. Security analysis of SDN architecture9 1.3.2. Security attacks and threats to SDN architecture 10 1.4. Intrusion Detection System (IDS) 14 1.4.1. IDS Approaches . 14 1.4.2. Classification of IDS . 15 1.5. DOS/DDOS Attacks 15 1.5.1. Denial-of-Service (DoS). 15 1.5.2. Distributed-Denial-of-Service (DDoS) 1.5.3. DDoS Defense mechanisms 18 1.6. Conclusion. 19 Chapter 2: Machine Learning in Networking 20 2.1. Introduction .. 21 2.2. Machine Learning 21 2.2.1. Machine Learning techniques 22 2.2.2. Classification in Machine Learning 2.3. Feature Selection 28 2.3.1. Feature selection methods. 28 2.4. Related work.30 2.4.1. InSDN: A Novel SDN Intrusion Dataset 2.4.2. Collaborative detection and mitigation of DDoS in Software Defined Network 2.4.3. An evaluation of machine learning methods for classifying Bot traffic in Software Defined Networks 32 2.4.4. A comparison between the related works33 2.5. Conclusion.34 Chapter 3: ML based Models for Intrusion Detection in SDN . 35 3.1. Introduction . 36 3.2. General architecture. 36 3.3. Objectif. 36 3.4. Modeling process 37 3.5. Data preparation and preprocessing 38 3.5.1. Data description 38 3.5.2. Data preparation 40 3.5.3. Data Preprocessing. 41 3.6. Feature Selection . 42 3.7. Processing 42 3.7.1. RF Modeling 43 3.7.2. ANN Modeling . 43 3.7.3. SVM Modeling 44 3.8. Performance Evaluation 44 3.8.1. Confusion Matrix (CM)44 3.8.2. Accuracy.45 3.8.4. Recall.. 46 3.8.5. F1-score . 463.9. Model’s evaluation and comparison 47 3.10. Conclusion.. 47 Chapter 4: Experimental results and Discussion 48 4.1. Introduction .. 49 4.2. Environments and development tools 49 4.3. Environment description 50 4.4. Dataset analysis .. 51 4.4.1. Overview on the dataset . 51 4.4.2. Dataset preprocessing.. 51 4.5. Model training and evaluation 59 4.6. Comparison with related work models 70 4.7. Conclusion.. 71 General Conclusion ... 72 BIBLIOGRAPHY .. 73 APPENDIX A: Source Code . 78 APPENDIX B: Additional results of feature selection tests 8 |
Disponibilité (1)
Cote | Support | Localisation | Statut |
---|---|---|---|
MINF/771 | Mémoire master | bibliothèque sciences exactes | Consultable |