Deep neural network with dropout for anomaly detection in software defined networking

Abstract

A novel anomaly detection-based NIDS is main demand in the computer networking security for discriminating malicious software attack at the early stage. It monitors and analyzes network traffics, checking abnormal behaviors or attack signatures. The detection rate or accuracy is the prerequisite in the network intrusion detection models, also, developing adaptive and flexible model is a critical challenge regarding to unseen attack. This search paper included the deep neural network (DNN) as anomaly detection model can be used within software defined networking (SDN). Dropout technique is used to prevent DNN model from overfitting. Six features have information about the flow were chosen from NSL-KDD dataset to fit and evaluate this model, these data features could be matched to packet-in message header values, also, these features enable the model to be a good generative, and well perform on intrusion recognition issue with a subset of the data. Cross entropy loss function with SoftMax output layer were used for getting the differences between the two different distribution and mapping to multiple class classification covered five class labels, one is normal and the others are attacks (Dos, R2L, U2L and Probe). Accuracy is a comparative metric utilized for assessing the model performance. The results are promising, where accuracy achieved 92.65%.