International Journal on Advanced Science, Engineering and Information Technology

The presence of network technology eliminates regional boundaries that become obstacles in communicating and exchanging data and information to the public. The wider the zone of a network, the network infrastructure will increase in size. The bigger the network infrastructure, the higher the level of management complexity. The Software Defined Network (SDN) concept is a new network concept that provides a solution for managing large infrastructure networks and has a wide service zone. SDN architecture is different from traditional networks. The SDN architecture is divided into three: the data plane, control plane, and application plane. Whereas in the traditional network architecture, the three are combined into one. Besides, in maintaining network security. SDN offers a security system, namely the OpenFlow Protocol. The OpenFlow Protocol security system works to regulate the packet traffic that passes. Forwards registered packet data traffic and performs down the action for unknown packet traffic. The weakness is that the OpenFlow Protocol must always be updated with SDN network packet traffic, and the system cannot detect the threat of attacks on encryption traffic. Nowadays, the frequency of attacks on network traffic is relatively high. The attack techniques used also evolved. The techniques used are also evolving. Botnets have been able to use several encryption protocols such as TLS / HTTPS, Tor, and P2P as loopholes to attack a network. SDN's presence as a management solution for large infrastructure networks is not directly proportional to its security system that undoubtedly have a bad impact on SDN network users. Therefore, this study aims to develop an SDN Network Intrusion Detection System (IDS) model to detect botnets in encryption traffic. The model was developed using the Deep Neural Network (DNN) approach. The SDN network botnet detection model developed can detect encryption traffic botnets with an accuracy rate of 94.78%, 93.28% precision, and a recall of 99.11%.

Botnet; deep neural network; encrypted traffic; software-defined network

C. Yin, Y. Zhu, J. Fei and X. He, “A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks,†IEEE Access, vol. 5, pp. 21954 - 2196, 2017.

U. Wijesinghe, U. Tupakula and V. Varadharajan, “Botnet detection using software defined networking,†2015 22nd International Conference on Telecommunications (ICT), pp. 219-224, 2015.

P. Wang , F. Ye, X. Chen and Y. Qian, “Datanet: Deep Learning Based Encrypted Network Traffic Classification in SDN Home Gateway,†EEE Access, vol. 6, pp. 55380 - 55391, 2018.

M. K. Putchala, “Deep Learning Approach for Intrusion Detection System (IDS) in the Internet of Things (IoT) Network using Gated Recurrent Neural Networks (GRU),†CORE Scholar Wright State University, Ohio, 2017.

C. V. Neu, A. F. Zorzo, A. M. S. Orozco and R. A. Michelin, “An approach for detecting encrypted insider attacks on OpenFlow SDN Networks,†International Conference for Internet Technology and Secured Transactions, pp. 210-215, 2017.

H. Mutaher, P. Kumar and A. Wahid, “Openflow Controller-Based Sdn:Security Issues And Countermeasures,†International Journal of Advanced Research in Computer Science, vol. 9, no. 2, pp. 397-401, 2018.

Y. M. Mahardhika, A. Sudarsono and A. R. Barakbah, “An Implementation of Botnet Dataset to Predict Accuracy Based on Network Flow Model,†Proceedings - International Electronics Symposium on Knowledge Creation and Intelligent Computing, IES-KCIC 2017, Vols. 2017-January, pp. 33-39, 2017.

K. Kim and M. E. Aminanto, “Deep Learning in Intrusion Detection Perspective: Overview and Further Challenges,†IEEE Xplore, Vols. 2018-January, pp. 5-10, 2018.

C. Jing, C. Xi, D. Ruiying, H. Li and W. Chiheng, “BotGuard：Lightweight Real-Time Botnet Detection in Software Defined Networks,†Wuhan University Journal of Natural Sciences, vol. 22, no. 2, p. 103–113, 2017.

R. Hadianto and T. W. Purboyo, “A Survey Paper on Botnet Attacks and Defenses in Software Defined Networking,†International Journal of Applied Engineering Research, vol. 13, pp. 483-489, 2018.

Gnanambal S, Thangaraj M, Meenatchi V.T and Gayathri V, “Classification Algorithms with Attribute Selection: an evaluation study using WEKA,†Int. J. Advanced Networking and Applications, vol. 09, no. 06, pp. 3640-3644, 2018.

L. Fausett , Fundamentals of Neural Networks: architectures, algorithms, and applications, United States: Prentice-Hall, Inc, 1994, p. 461.

F. Collet, Deep Learning with Python, Shelter Island: Manning Publications Co, 2018.

P. W. Chi, C.-T. Kuo, H.-M. Ruan, S.-J. Chen and C.-L. Lei, “An AMI Threat DetectionMechanism Based on SDN Networks,†SECURWARE 2014 - 8th International Conference on Emerging Security Information, Systems and Technologies, no. c, pp. 208-211, 2014.

M. Alauthaman, N. Aslam, L. Zhang, R. Alasem and M. A. Hossain, “A P2P Botnet detection scheme based on decision tree,†Neural Computing and Applications, vol. 29, no. 11, pp. 991-1004, 2018.

A. Hussein, L. Chadad, N. Adalian, A. Chehab, I. H. Elhajj and A. Kayssi, “Software-Defined Networking (SDN): the security review,†Journal of Cyber Security Technology, vol. 4, no. 1, pp. 1-66, 2019.

S. C. Su, Y.-R. Chen, S.-C. Tsai and Y.-B. Lin, “Detecting P2P Botnet in Software Defined Networks,†Security and Communication Networks, vol. 2018, pp. 1-13, 2018.

D. S. Rana, S. A. Dhondiyal and S. K. Chamoli, “Software Defined Networking (SDN) Challenges, issues and Solution,†International Journal of Computer Sciences and Engineering, vol. 7, no. 1, pp. 884-889, January 2019.

S. Chen, W. Sun and W. Hu, “On Dynamic Hypervisor Placement in Virtualized Software Defined Networks (vSDNs),†2020 22nd International Conference on Transparent Optical Networks (ICTON), Vols. 2020-July, pp. 1-5, 2020.

S. Gaonkar, N. Fal Dessai, J. Costa, A. Borkar, S. Aswale and P. Shetgaonkar, “A Survey on Botnet Detection Techniques,†2020 International Conference on Emerging Trends in Information Technology and Engineering (ic-ETITE), pp. 1-6, 2020.

G. Vormayr, T. Zseby and J. , “Botnet Communication Patterns,†IEEE Communications Surveys & Tutorials, vol. 19, no. 4, pp. 2768 - 2796, 2017.

P. Prasse, L. Machlica, T. Pevn´y, J. Havelka and T. Scheffer, “Malware Detection by Analysing Encrypted Network Traffic with Neural Networks,†Proceedings - 2017 IEEE Symposium on Security and Privacy Workshops, SPW 2017, Vols. 2017-December, pp. 205-210, 2017.

S. Singaravela, J. Suykensb and P. Geyer, “Deep-learning neural-network architectures and methods: Using componentbased models in building-design energy prediction,†Advanced Engineering Informatics, vol. 38, no. May, pp. 81-90, 2018.

R. Prasad and V. Rohokale, “BOTNET,†in Cyber Security: The Lifeline of Information and Communication Technology, Switzerland, Springer, 2020, pp. 43-65.

Y. Dong, R. Wang and J. He, “Real-Time Network Intrusion Detection System Based on Deep Learning,†Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS, vol. 2019, 2019.

W. Li, W. Meng and L. F. Kwok, “A survey on OpenFlow-based Software Defined Networks: Security challenges and countermeasures,†Journal of Network and Computer Applications, vol. 68, pp. 126-139, 2016.