Usage of Machine Learning Algorithms for Flow Based Anomaly Detection System in Software Defined Networks
Abstract
Computer networks are becoming more complex in the number of connected nodes and the amount of traffic. The growing number and increasing complexity of cyber-attacks make network management and security a challenge. Software defined networks (SDN) technology is a solution that aims for efficient and flexible network management. The SDN controller plays an important role in detecting and preventing cyber-attacks. In this study, a flow-based anomaly detection system running on the POX controller is designed. A comparative analysis of supervised machine learning algorithms is given to choose the optimum anomaly detection method in SDN-based networks. The NSL-KDD dataset is used for training and testing the classifiers. The results show that machine learning algorithms have great potential in the success of flow-based anomaly detection systems in the SDN infrastructure. © 2021, The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG.