• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

使用深度学习方法的软件定义网络中的入侵检测

Intrusion detection in software defined network using deep learning approaches.

作者信息

Ataa M Sami, Sanad Eman E, El-Khoribi Reda A

机构信息

Fuclty of Computers and Artificial Intelligence, Cairo University, Giza, Egypt.

出版信息

Sci Rep. 2024 Nov 25;14(1):29159. doi: 10.1038/s41598-024-79001-1.

DOI:10.1038/s41598-024-79001-1
PMID:39587182
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC11589109/
Abstract

Ensuring robust network security is crucial in the context of Software-Defined Networking(SDN). Which, becomes a multi-billion dollar industry, and it's deployed in many data centers nowadays. The new technology provides network programmability, network centralized control, and a global view of the network. But, unfortunately, it comes with new vulnerabilities, and new attack vectors compared to the traditional network. SDN network cybersecurity became a trending research topic due to the hype of Machine Learning (ML) when a group of Machine Learning(ML) techniques called Deep Learning(DL) started to take shape in the setting of SDN networks. This paper focuses on developing advanced Deep Learning(DL) models to address the inherent new attack vectors. In this paper, we have built and compared two models that can be used for building a complete Intrusion Detection System(IDS) solution, one using a hybrid CNN-LSTM architecture and the other using Transformer encoder-only architecture. We specifically target the SDN controller where it represents a crucial point. We utilized the InSDN dataset for training and testing our models, this dataset captures real-world traffic within the SDN environment. For evaluation, we have used accuracy, precision, recall, and F1 Score. Our experiment results show that the Transformer model with 48 features achieves the highest accuracy at 99.02%, while the CNN-LSTM model achieves 99.01%. We have reduced the features to 6 and 4, which gave us varying impacts on the models' performance. We have merged 4 poorly represented attacks in one class, which enhanced the accuracy by a significant score. Additionally, we investigate binary classification by merging all attack types into a single class, as a result, the accuracy increased for both models. The CNN-LSTM model achieves the best results with an accuracy of 99.19% for 6 feature sets, this enhances the state-of-the-art results.

摘要

在软件定义网络(SDN)的背景下,确保强大的网络安全至关重要。SDN已成为一个价值数十亿美元的行业,如今已部署在许多数据中心。这项新技术提供了网络可编程性、网络集中控制以及网络的全局视图。但不幸的是,与传统网络相比,它带来了新的漏洞和新的攻击向量。由于机器学习(ML)的热潮,当一组称为深度学习(DL)的机器学习技术在SDN网络环境中开始形成时,SDN网络网络安全成为一个热门研究课题。本文专注于开发先进的深度学习(DL)模型,以应对固有的新攻击向量。在本文中,我们构建并比较了两个可用于构建完整入侵检测系统(IDS)解决方案的模型,一个使用混合CNN-LSTM架构,另一个使用仅含Transformer编码器的架构。我们特别针对SDN控制器,因为它是一个关键点。我们利用InSDN数据集来训练和测试我们的模型,该数据集捕获了SDN环境中的真实流量。为了进行评估,我们使用了准确率、精确率、召回率和F1分数。我们的实验结果表明,具有48个特征的Transformer模型达到了最高准确率,为99.02%,而CNN-LSTM模型达到了99.01%。我们将特征减少到6个和4个,这对模型性能产生了不同的影响。我们将4种代表性不足的攻击合并为一类,这显著提高了准确率。此外,我们通过将所有攻击类型合并为一个单一类别来研究二分类,结果,两个模型的准确率都有所提高。对于6个特征集,CNN-LSTM模型取得了最佳结果,准确率为99.19%,这提升了当前的最优结果。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/dc83b162f800/41598_2024_79001_Fig15_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/6012264e8b9f/41598_2024_79001_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/a992b9a7f48b/41598_2024_79001_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/8928a537f8fc/41598_2024_79001_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/2d288bcd165f/41598_2024_79001_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/5c8456c20680/41598_2024_79001_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/c7a4f56f90ae/41598_2024_79001_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/5011ebcd9c67/41598_2024_79001_Fig11_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/02f641c19b80/41598_2024_79001_Fig8_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/dc83b162f800/41598_2024_79001_Fig15_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/6012264e8b9f/41598_2024_79001_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/a992b9a7f48b/41598_2024_79001_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/8928a537f8fc/41598_2024_79001_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/2d288bcd165f/41598_2024_79001_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/5c8456c20680/41598_2024_79001_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/c7a4f56f90ae/41598_2024_79001_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/5011ebcd9c67/41598_2024_79001_Fig11_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/02f641c19b80/41598_2024_79001_Fig8_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/e946/11589109/dc83b162f800/41598_2024_79001_Fig15_HTML.jpg

相似文献

1
Intrusion detection in software defined network using deep learning approaches.使用深度学习方法的软件定义网络中的入侵检测
Sci Rep. 2024 Nov 25;14(1):29159. doi: 10.1038/s41598-024-79001-1.
2
A hybrid feature weighted attention based deep learning approach for an intrusion detection system using the random forest algorithm.基于混合特征加权注意力的深度学习方法与随机森林算法在入侵检测系统中的应用。
PLoS One. 2024 May 23;19(5):e0302294. doi: 10.1371/journal.pone.0302294. eCollection 2024.
3
DDosTC: A Transformer-Based Network Attack Detection Hybrid Mechanism in SDN.DDosTC:SDN 中的基于 Transformer 的网络攻击检测混合机制。
Sensors (Basel). 2021 Jul 26;21(15):5047. doi: 10.3390/s21155047.
4
High-speed threat detection in 5G SDN with particle swarm optimizer integrated GRU-driven generative adversarial network.基于集成粒子群优化器的门控循环单元驱动生成对抗网络的5G 软件定义网络中的高速威胁检测
Sci Rep. 2025 Mar 23;15(1):10025. doi: 10.1038/s41598-025-95011-z.
5
Multi-Stage Learning Framework Using Convolutional Neural Network and Decision Tree-Based Classification for Detection of DDoS Pandemic Attacks in SDN-Based SCADA Systems.基于卷积神经网络和决策树分类的多阶段学习框架,用于检测基于软件定义网络的监控与数据采集系统中的分布式拒绝服务大规模攻击。
Sensors (Basel). 2024 Feb 5;24(3):1040. doi: 10.3390/s24031040.
6
Metaparameter optimized hybrid deep learning model for next generation cybersecurity in software defined networking environment.用于软件定义网络环境中下一代网络安全的元参数优化混合深度学习模型
Sci Rep. 2025 Apr 23;15(1):14166. doi: 10.1038/s41598-025-96153-w.
7
A deep Reinforcement learning-based robust Intrusion Detection System for securing IoMT Healthcare Networks.一种基于深度强化学习的健壮入侵检测系统,用于保障物联网医疗保健网络安全。
Front Med (Lausanne). 2025 Apr 8;12:1524286. doi: 10.3389/fmed.2025.1524286. eCollection 2025.
8
An Efficient Intrusion Detection System using Advanced Machine Learning Techniques in Software-Defined Networks (SDN) for Healthcare System.一种在医疗保健系统的软件定义网络(SDN)中使用先进机器学习技术的高效入侵检测系统。
IEEE J Biomed Health Inform. 2025 Jan 16;PP. doi: 10.1109/JBHI.2025.3530563.
9
Attacks to Automatous Vehicles: A Deep Learning Algorithm for Cybersecurity.自动驾驶汽车攻击:网络安全的深度学习算法。
Sensors (Basel). 2022 Jan 4;22(1):360. doi: 10.3390/s22010360.
10
Software defined networking based network traffic classification using machine learning techniques.基于软件定义网络并使用机器学习技术的网络流量分类
Sci Rep. 2024 Aug 29;14(1):20060. doi: 10.1038/s41598-024-70983-6.

引用本文的文献

1
Adaptive DDoS detection mode in software-defined SIP-VoIP using transfer learning with boosted meta-learner.基于带增强元学习器的迁移学习的软件定义SIP-VoIP中的自适应分布式拒绝服务检测模式。
PLoS One. 2025 Jun 26;20(6):e0326571. doi: 10.1371/journal.pone.0326571. eCollection 2025.
2
A new intrusion detection method using ensemble classification and feature selection.一种使用集成分类和特征选择的新型入侵检测方法。
Sci Rep. 2025 Apr 20;15(1):13642. doi: 10.1038/s41598-025-98604-w.