DCGAN DATA BALANCING TO IMPROVE ACCURACY OF HYBRID CNN-LSTM INTRUSION DETECTION FRAMEWORK IN SDN ENVIRONMENT

Main Article Content

Mohammad-Reza Feizi-Derakhshi
Watheq Ghanim Mutasher AL-Talebei

Abstract

Maintaining robust network security in Software-Defined Networking (SDN) systems has become increasingly challenging due to sophisticated cyber-attacks and the centralized nature of SDN. This paper introduces a novel intrusion detection system based on a hybrid deep learning model that combines Convolutional Neural Networks (CNN) for spatial feature extraction and Long Short-Term Memory (LSTM) networks for temporal dependency extraction. The approach is applied to the large InSDN dataset, having labeled traffic for normal activity as well as various classes of attacks, to train multi-class as well as binary classifiers. Synthetic samples are generated based on Deep Convolutional Generative Adversarial Networks (DCGAN) in order to effectively tackle the issues due to class imbalance and thereby enhance the detection rate for minority classes of attacks. Experimental tests carried out in a simulated SDN network with Mininet and Hping3 have outstanding performance, with the binary model achieving 99.81% accuracy and the optimal multi-class model achieving 99.4% accuracy. Such promising results demonstrate the capability of the proposed framework to offer an efficient and scalable real-time intrusion detection solution for the modern SDN infrastructures.

Article Details

How to Cite
Feizi-Derakhshi , M.-R. ., & Mutasher AL-Talebei , W. G. . (2025). DCGAN DATA BALANCING TO IMPROVE ACCURACY OF HYBRID CNN-LSTM INTRUSION DETECTION FRAMEWORK IN SDN ENVIRONMENT. Advanced Information Systems, 9(4), 120–131. https://doi.org/10.20998/2522-9052.2025.4.14
Section
Intelligent information systems
Author Biographies

Mohammad-Reza Feizi-Derakhshi , University of Tabriz, Tabriz, Iran

Ph.D (artificial intelligence), Full Professor of Artificial Intelligence, Computerized Intelligence Systems Laboratory, Department of Computer Engineering, University of Tabriz, Tabriz, Iran;
Uruk University, Baghdad, Iraq

Watheq Ghanim Mutasher AL-Talebei , University of Tabriz, Tabriz, Iran

M.Sc. in Computer Science, Ph.D. student in Artificial Intelligence

References

Shafiq, S., Rahman, M. S., Shaon, S. A., Mahmud, I. and Hosen, A. S. M. S. (2024), “A Review on Software-Defined Networking for Internet of Things Inclusive of Distributed Computing, Blockchain, and Mobile Network Technology: Basics, Trends, Challenges, and Future Research Potentials,” International Journal of Distributed Sensor Networks, vol. 2024, doi: https://doi.org/10.1155/2024/9006405

Khongbuh, W. and Saha, G. (2024), “A Survey for Software-Defined Networking (SDN) Enabled Internet of Things (IoT) Networks”, Science and Technology Journal, vol. 12, no. 1, pp. 77–88, doi: https://doi.org/10.22232/stj.2024.12.01.10

Domeke, A., Cimoli, B. and Monroy, I. T. (2022), “Integration of network slicing and machine learning into edge networks for low‐latency services in 5G and beyond systems”, Applied Sciences, vol. 12, no. 13, doi: https://doi.org/10.3390/app12136617

Afolabi, I., Taleb, T., Samdanis, K., Ksentini, A. and Flinck, H. (2018), “Network slicing and softwarization: A survey on principles, enabling technologies, and solutions”, IEEE Commun. Surveys Tuts., vol. 20, no. 3, pp. 2429–2453, doi: https://doi.org/10.1109/COMST.2018.2815638

Acquah, D. K., Sowah, R. A. and Togo, E. T. (2024), “Network Intrusion Detection and Prevention System Using Hybrid Machine Learning Techniques”, Security and Privacy, vol. 2024, art. id. 5775671, doi: https://doi.org/10.1155/2024/5775671

Mhamdi, L. and Isa, M. M. (2024), “Securing SDN: Hybrid autoencoder-random forest for intrusion detection and attack mitigation”, Journal of Network and Computer Applications, vol. 225, no. 103868, doi: https://doi.org/10.1016/j.jnca.2024.103868

Abdallah, M., An Le Khac, N., Jahromi, H. and Delia Jurcut, A. (2021), “A hybrid CNN-LSTM based approach for anomaly detection systems in SDNs”, The 16th International Conference on Availability, Reliability and Security, doi: https://doi.org/10.1145/3465481.3469190

Alanazi, F., Jambi, K., Eassa, F., Khemakhem, M., Basuhail, A. and Alsubhi, K. (2022), “Ensemble deep learning models for mitigating DDoS attack in software-defined network”, Intell. Autom. Soft Comput., vol. 33, no. 2, pp. 923–938, doi: https://doi.org/10.32604/iasc.2022.024668

Alasadi, H. S., Farzinvash, L., Mortazavi, S. A. and Feizi-Derakhshi, M.-R. (2024), “Enhancing Data Collection in Heterogenous Wireless Sensor Networks: A Novel Tree-Structured Genetic Algorithm Approach”, IEEE Access, vol. 12, doi: https://doi.org/10.1109/ACCESS.2024.3502458

Iraji, M., Tanha, J., Balafar, M.-A. and Feizi Derakhshi, M. R. (2024), “A novel interpolation consistency for bad generative adversarial networks (IC-BGAN)”, Multimedia Tools Appl, vol. 83, no. 38, pp. 86161–86205, doi: https://doi.org/10.1007/s11042-024-20333-5

Ketkar, N. and Moolayil, J. (2021), Deep learning with python: Learn Best Practices of Deep Learning Models with PyTorch, Apress Media LLC, 306 p., doi: https://doi.org/10.1007/978-1-4842-5364-9

Halbouni, A., Gunawan, T. S., Habaebi, M. H., Halbouni, M., Kartiwi, M. and Ahmad, R. (2022), “CNN-LSTM: Hybrid deep neural network for network intrusion detection system”, IEEE Access, vol. 10, pp. 99837–99849, doi: https://doi.org/10.1109/ACCESS.2022.3206425

Oyucu, S., Polat, O., Türkoğlu, M., Polat, H., Aksöz, A. and Ağdaş, M. T. (2023), “Ensemble Learning framework for DDoS detection in SDN-based SCADA systems”, Sensors (Basel, Switzerland), vol. 24, no. 1, doi: https://doi.org/10.3390/s24010155

Zulu, L. L., Ogudo, K. A. and Umenne, P. O. (2018), “Simulating software defined networking using mininet to optimize host communication in a realistic programmable network,” 2018 International Conference on Advances in Big Data, Computing and Data Communication Systems (icABCD), pp. 1–6, doi: https://doi.org/10.1109/ICABCD.2018.8465433

Malik, J., Akhunzada, A., Bibi, I., Imran, M., Musaddiq, A. and Kim, S. W. (2020), “Hybrid Deep Learning: An Efficient Reconnaissance and Surveillance Detection Mechanism in SDN”, IEEE Access, vol. 8, pp. 134695–134706, doi: https://doi.org/10.1109/ACCESS.2020.3009849

ElSayed, M. S., Le-Khac, N. A., Albahar, M. A. and Jurcut, A. (2021), “A novel hybrid model for intrusion detection systems in SDNs based on CNN and a new regularization technique”, Journal of Network and Computer Applications, vol. 191, doi: https://doi.org/10.1016/j.jnca.2021.103160

Shahin, M., Chen, F. F., Bouzary, H., Hosseinzadeh, A. and Rashidifar, R. (2022), “A Novel Fully Convolutional Neural Network Approach For Detection and Classification of Attacks on Industrial IoT Devices in Smart Manufacturing Systems”, doi: https://doi.org/10.21203/rs.3.rs-1739779/v1

Ahmed, N., Ngadi, A. b., Sharif, J. M., Hussain, S., Uddin, M., Rathore, M. S., Iqbal, J., Abdelhaq, M., Alsaqour, R., Ullah, S. S. and Zuhra, F. T. (2022), “Network Threat Detection Using Machine/Deep Learning in SDN-Based Platforms: A Comprehensive Analysis of State-of-the-Art Solutions, Discussion, Challenges, and Future Research Direction”, Sensors (Basel, Switzerland), vol. 22, no. 20, pp. 7896, doi: https://doi.org/10.3390/s22207896

Shahryari, M.-S., Farzinvash, L., Mohammad-Khanli, L., Ramezani, M. and Feizi-Derakhshi, M.-R. (2023), “Nesting Circles: An Interactive Visualization Paradigm for Network Intrusion Detection System Alerts”, Secur Commun Netw, vol. 2023, doi: https://doi.org/10.1155/2023/5513227

Khaleel, T. J. and Shiltagh, N. A. (2023), “DDOS ATTACK DETECTION USING HYBRID (CCN AND LSTM) ML MODEL”, Int J Comput Inf, vol. 11, no. 1, pp. 1–10, doi: https://doi.org/10.25195/ijci.v49i2.446

Jyothsna, V., Sandhya, E., Swetha, T., Lokesh Kumar Reddy, P., Jyothsna, B. and Bhasha, P. (2023), “Deep Learning Model for Intrusion Detection in SDN Networks”, 2023 1st International Conference on Optimization Techniques for Learning, ICOTL 2023 - Proceedings, Institute of Electrical and Electronics Engineers Inc., doi: https://doi.org/10.1109/ICOTL59758.2023.10435198

Kandhro, I. A., Alanazi, S. M., Fatima, K., Uddin, M., Ali, F., Kehar, A. and Karuppayah, S. (2023), “Detection of Real-Time Malicious Intrusions and Attacks in IoT Empowered Cybersecurity Infrastructures”, IEEE Access, vol. 11, pp. 9136–9148, doi: https://doi.org/10.1109/ACCESS.2023.3238664

Aleem, S. and Ahmed, S. (2023), “Network Security and Communication Unlocking Network Security and QoS: The Fusion of SDN, IoT, and Machine Learning: A Comprehensive Analysis”, Int J Sci Res Netw Secur Commun, vol. 3, no. 2, pp. 1–15, doi: https://doi.org/10.5281/zenodo.1234567

Kaur, G. and Kaur, M. (2023), “Enhanced Security Framework for Modern Network Architectures: Integrating AI-Driven Threat Detection and Prevention Mechanisms”, International Journal of Advanced Computer Science and Applications, vol. 14, no. 3, pp. 45–58, doi: https://doi.org/10.14569/IJACSA.2023.0140306

Samaan, S. S. and Jeiad, H. A. (2023), “Feature-based real-time distributed denial of service detection in SDN using machine learning and Spark”, Bulletin of Electrical Engineering and Informatics, vol. 12, no. 4, pp. 2302–2312, doi: https://doi.org/10.11591/eei.v12i4.4711

Rui, K., Pan, H. and Shu, S. (2023), “Secure routing in the Internet of Things (IoT) with intrusion detection capability based on software-defined networking (SDN) and Machine Learning techniques”, Sci Rep, vol. 13, no. 1, doi: https://doi.org/10.1038/s41598-023-44764-6

Maddu, M. and Rao, Y. N. (2024), “Network intrusion detection and mitigation in SDN using deep learning models”, Int J Inf Secur, vol. 23, no. 2, pp. 849–862, doi: https://doi.org/10.1007/s10207-023-00771-2

Racherla, S., Sripathi, P., Faruqui, N., Alamgir Kabir, M., Whaiduzzaman, M. and Aziz Shah, S. (2024), “Deep-IDS: A Real-Time Intrusion Detector for IoT Nodes Using Deep Learning”, IEEE Access, vol. 12, pp. 63584–63597, doi: https://doi.org/10.1109/ACCESS.2024.3396461

Alashhab, A. A., Isyaku, B., Zahid, M. S., Abaselnour, A., Nagmeldin, W. A., Abdelmaboud, A., Abdullah, T. A. A. and Maiwada, U. D. (2024), “Enhancing DDoS Attack Detection and Mitigation in SDN Using an Ensemble Online Machine Learning Model”, IEEE Access, vol. 12, pp. 51630–51649, doi: https://doi.org/10.1109/ACCESS.2024.3384398

Arthi, R., Krishnaveni, S. and Zeadally, S. (2024), “An intelligent SDN-IoT enabled intrusion detection system for healthcare systems using a hybrid deep learning and machine learning approach”, China Communications, doi: https://doi.org/10.23919/JCC.ja.2022-0681

Ghadermazi, J., Shah, A. and Bastian, N. D. (2024), “Towards Real-time Network Intrusion Detection with Image-based Sequential Packets Representation”, IEEE Trans Big Data, doi: https://doi.org/10.1109/TBDATA.2024.3403394

Musa, N. S., Mirza, N. M., Rafique, S. H., Abdallah, A. M. and Murugan, T. (2024), “Machine Learning and Deep Learning Techniques for Distributed Denial of Service Anomaly Detection in Software Defined Networks - Current Research Solutions”, IEEE Access, vol. 12, pp. 17982–18011, doi: https://doi.org/10.1109/ACCESS.2024.3360868

Rustam, F., Raza, A., Qasim, M., Posa, S. K. and Jurcut, A. D. (2024), “A Novel Approach for Real-Time Server-Based Attack Detection Using Meta-Learning”, IEEE Access, vol. 12, pp. 39614–39627, doi:

https://doi.org/10.1109/ACCESS.2024.3375878

Hirsi, A., Audah, L., Salh, A., Alhartomi, M. A. and Ahmed, S. (2024), “Detecting DDoS Threats using Supervised Machine Learning for Traffic Classification in Software Defined Networking”, IEEE Access, doi: https://doi.org/10.1109/ACCESS.2024.3486034

Ebrahimzadeh, F., Nazari, A., Feizi-derakhshi, M. R. and Mansoorizadeh, M. (2023), “A Hybrid Recurrent Neural Network Approach for Detecting Abnormal User Behavior in Social Networks,” doi: https://doi.org/10.21203/rs.3.rs-3242416/v1

Elsayed, M. S., Le-Khac, N. A. and Jurcut, A. D. (2020), “InSDN: A novel SDN intrusion dataset,” IEEE Access, vol. 8, pp. 165263–165284, doi: https://doi.org/10.1109/ACCESS.2020.3022633

Koziarski, M. (2020), “Radial-Based Under sampling for imbalanced data classification”, Pattern Recognit, vol. 102, 107262, doi: https://doi.org/10.1016/j.patcog.2020.107262

Christopher, V., Aathman, T., Mahendrakumaran, K., Nawaratne, R., De Silva, D. and Alahakoon, D. (2021), “Minority Resampling Boosted Unsupervised Learning with Hyperdimensional Computing for Threat Detection at the Edge of Internet of Things”, IEEE Access, vol. 9, pp. 126646–126657, doi: https://doi.org/10.1109/ACCESS.2021.3111053