Network Traffic Feature Behaviour Augmentation Fusion based Attacks Classification for Intrusion Detection System in SDN Framework

  • Tạ Minh Thanh Le Quy Don Technical University
  • Duong Van Dan
  • Tran Nam Khanh


The implementation of Software-Defined Network (SDN) across multiple data centers aims to simplify the control and management of networks. However, the increasing popularity of SDN has also attracted the attention of attackers. To tackle this problem, it is essential to have an intrusion detection system (IDS) in place, which plays a crucial role in cybersecurity by addressing external threats. The advantage of SDN's centralized nature is that it facilitates the training of an IDS based on machine learning. However, there is a scarcity of research specifically focused on intrusion detection in SDN. Existing literature often treats SDN intrusion detection as similar to traditional computer systems and relies on intrusion datasets generated for those systems. We explore the issue of intrusion detection in SDN using the most recent public dataset (InSDN). However, InSDN is an imbalanced data set. In this paper, we have recommended a method to balance the data as well as a method to find the best features to improve the quality of IDS using Machine Learning. In addition, we also suggest a method of classifying SDN network traffic and normal network traffic. At the same time, we also evaluate the efficiency of the SDN system with the load balancing system and without the load balancing system.