Anomalous Detection System with Improved Deep Learning Training Method for Software Defined Networks

Date

2020

Authors

Everett, Kyle

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

The field of software defined networks (SDN) is paving the way for some of the most interesting and game changing ways we look at cybersecurity as it relates to Industry 4.0. Since an industrial IoT (IIoT) system is a cyber physical system that combines field-deployed devices as well as back-end Cloud Infrastructure, it presents a particularly large surface area for a cyber-attack. Recent advances now make it possible to use Deep Learning neural networks for both the controllability of a network and anomaly detection, as well as for real-time intrusion detection. The proposed architecture addresses some of the issues of distributed networks as well as the improvement on the training aspect of similar SDN deep learning models. The first method presents an algorithm that stretches a distributed IDS system from the edge layer to the device layer. This causes the device layer to utilize an IDS or ADS to determine irregular resource patterns for substantial malware detection or anomalous behavior analysis. The second method proposes using a Deep Convolutional Generative Adversarial Network (DCGAN) to improve the training and testing of a Convolutional Neural Network (CNN) by generating normal samples to balance the UNSW-NB15 network traffic dataset. The proposed scheme increases the precision of both the binary and the categorical classifications. The DCGAN solution increases the accuracy of the normal data by 4% and the overall recall by an additional 7%.

Description

This item is available only to currently enrolled UTSA students, faculty or staff. To download, navigate to Log In in the top right-hand corner of this screen, then select Log in with my UTSA ID.

Keywords

Anomalous detection, Deep learning, Software defined network

Citation

Department

Electrical and Computer Engineering