Evaluating Machine Learning -Based Intrusion Detection in Software Defined Networks Using NSL-KDD Dataset

Abstract

Software Defined network is an emerging and evolving network technology. A significant advantage of SDN is that it offers centralized control of the network, where all controller operations are centralized. The open-source Software Defined Networking (SDN) emulator, Mininet, has been utilized for generating and simulating virtual networks, in conjunction with POX, an open-source remote controller. A publicly available dataset, NSL KDD, is utilized for intrusion detection, evaluation, and comparison among several classification algorithms. In this proposed work, a supervised machine learning algorithm, a Decision Tree, is utilized for intrusion detection. Python is used as a tool to create, test, and compare different approaches to detect malicious attacks and identify the best one among them. These experiments are conducted to achieve results based on accuracy, recall, false positives, F-measure, and precision. Our proposed ML approach possesses more potential for intrusion detection using an accuracy measure. The decision tree is the best approach to detect intrusion based on detection speed and effectiveness. The precision of a decision tree is also the highest and most accurate among machine learning techniques.