Intruder Detection System Based Artificial Neural Network for Software Defined Network

Abstract

This paper shows the implementation of an Intruder Detection System (IDS) integrated into an Artificial Neural Network (ANN), called (Snort + RNA); as an option to mitigate the risks of active computer attacks towards a Software Defined Network (SDN). Which leverages the network hyperconverged of the data center of the Faculty of Engineering of Applied Science (FICA) at the Technical University of the North. This proposal is tested under the PDCA model offered by the ISO/IEC 27001 standard and the processes provided by the hacker circle. The results show that Snort + RNA detects the anomalies that cause active-type attacks against the SDN, this is visible both in the alerts generated and in the record of the captured traffic, however, it is not possible to analyze all the packets it receives from attacks from DoS since some packages remain on hold or rejected. This shows that, although the system does not evaluate all the packets that circulate on the network, that it takes care of the protection of the SDN, providing alerts when its third parties tried to violate it with attacks that caused an increase in network traffic.