Integrating Online Learning with Collaborative Machine Learning for Continuous Intrusion Detection in SDN

Author: Golchin, P., Zhou, C., Liu, H., Scheuermann, B., Kundel, R., & Meuser, T.
Published in: Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS)
Year: 2024
Type: Academic articles

Software-Defined Networking (SDN) improves network management and flexibility by separating control and data plane functions. However, the centralized architecture of SDN can increase cybersecurity risks, such as an increased vulnerability to Denial of Service (DoS) attacks. While integrating machine learning (ML) models into Intrusion Detection Systems (IDSs) achieves high detection performance, these ML models must demonstrate strong generalization capabilities across new, previously unseen network traffic patterns, which is crucial for networks with dynamic traffic behavior. In our previously published work, Collaborative ML-based IDS (CML-IDS), different ML models are deployed in both the control and data plane to enhance detection performance while reducing network load and detection time. However, CML-IDS operates as an offline model, where ML models are trained once on a specific network traffic pattern, potentially limiting CML-IDS's ability to generalize effectively across diverse and new network traffic patterns. To address this issue, we introduce COML-IDS, an online learning framework that automatically updates the ML model in the data plane when the detection performance degrades. Our results demonstrate that COML-IDS achieves an average increase of at least 25% in detection performance when encountering new network traffic patterns while reducing the need to forward the necessary flow feature data to the control plane compared to CML-IDS.


Connected HIIG researchers

Björn Scheuermann, Prof. Dr.

Associated Research Director
