Abstract
Currently, there is an enormous disturbance regarding privacy in information and communication technology around the scientific community. Since any assault or abnormality in the network can seriously disturb numerous realms like national security, private data storage, social welfare, economic issues, and so on. Consequently, one of the domains for detecting intrusion in the network is anomaly detection domain and it is a wide probe area. Various numerous methods and approaches have developed for anomaly detection. In the network security field, traffic anomaly detection has been a main aspect. The network security domain recognizes assaults in terms of significant deviations from the entrenched regular usage profiles. Nowadays, software-defined networking (SDN) is a new networking model has developed to ease effectual network control and management. This view investigates 50 probe papers focused on traffic flow rate prediction-based anomaly detection in SDN. Furthermore, it presents technique wise classifications like flow counting-based techniques, information theory-based approaches, entropy-based techniques, deep learning (DL)-based approaches, hybrid methods and network methods. An examination includes in an overview based on classification research techniques, toolset used, years of publication, datasets, and evaluation metrics for predicting anomaly in the SDN environment. Lastly, the limitations of surveyed techniques are explained, that encourage investigators for inventing more new techniques for predicting anomaly in SDN.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Data availability
No new data were generated or analyzed in support of this research.
References
Aljawarneh S, Yassein MB (2019) An enhanced J48 classification algorithm for the anomaly intrusion detection systems”. Cluster Comput 22(5):10549–10565
Boopathi M (2022) Henry maxnet: tversky index based feature selection and competitive swarm henry gas solubility optimization integrated deep maxout network for intrusion detection in IoT. Int J Intell Robot Appl 6(2):365–383
Carvalho LF, Abrão T, de Souza ML, Proença ML Jr (2018) An ecosystem for anomaly detection and mitigation in software-defined networking. Expert Syst Appl 104:121–133
Carvalho LF, Fernandes G, Rodrigues JJ, Mendes LS and Proença ML. (2017) “A novel anomaly detection system to assist network management in SDN environment”. In: 2017 IEEE international conference on communications (ICC), pp 1–6, IEEE, May
Chaudhary R, Kumar N (2019) LOADS: load optimization and anomaly detection scheme for software-defined networks. IEEE Trans Veh Technol 68(12):12329–12344
Chen JIZ, Smys S (2020) Social multimedia security and suspicious activity detection in SDN using hybrid deep learning technique. J Inf Technol 2(2):108–115
Dawoud A, Shahristani S and Raun C (2019) “Unsupervised deep learning for software defined networks anomalies detection”. In: transactions on computational collective intelligence XXXIII, pp 167–178, Springer, Berlin
Dey SK, Rahman MM (2019) Effects of machine learning approach in flow-based anomaly detection on software-defined networking. Symmetry 12(1):7
Elsayed MS, Le-Khac NA, Jahromi HZ and Jurcut AD (2021) “A hybrid CNN-LSTM based approach for anomaly detection systems in SDNs”. The 16th International Conference on Availability, Reliability and Security
El-Shamy AM, El-Fishawy NA, Attiya G, Mohamed MA (2021) Anomaly detection and bottleneck identification of the distributed application in cloud data center using software–defined networking. Egyptian Inform J 22(4):417–432
Garg G, Garg R (2015) Accurate anomaly detection using adaptive monitoring and fast switching in SDN. Int J Inform Technol Comput Sci (IJITCS) 7(11):34–42
Garg S, Kaur K, Kumar N, Rodrigues JJ (2019) Hybrid deep-learning-based anomaly detection scheme for suspicious flow detection in SDN: A social multimedia perspective. IEEE Trans Multimedia 21(3):566–578
Garg S, Singh A, Aujla GS, Kaur S, Batra S, Kumar N (2020) A probabilistic data structures-based anomaly detection scheme for software-defined Internet of vehicles. IEEE Trans Intell Transp Syst 22(6):3557–3566
Garg G and Garg R (2016) “Security of networks using efficient adaptive flow counting for anomaly detection in SDN”. In: artificial intelligence and evolutionary computations in engineering systems, pp 667–674, Springer, New Delhi
Giotis K, Argyropoulos C, Androulidakis G, Kalogeras D, Maglaris V (2014a) Combining openflow and sflow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput Netw 62:122–136
Giotis K, Androulidakis G, and Maglaris V (2014b) “Leveraging SDN for efficient anomaly detection and mitigation on legacy networks”, In: 2014b third European workshop on software defined networks pp 85–90, IEEE, Sept 2014b.
Ha T, Kim S, An N, Narantuya J, Jeong C, Kim J, Lim H (2016) Suspicious traffic sampling for intrusion detection in software-defined networks. Comput Netw 109:172–182
He D, Chan S, Ni X, Guizani M (2017) Software-defined-networking-enabled traffic anomaly detection and mitigation. IEEE Internet Things J 4(6):1890–1898
Hussein ZK and Dhannoon BN(2019) “Deep neural network with dropout for anomaly detection in software defined networking”. Int J Innov Technol Exploring Eng (IJITEE) ISSN 8(11):2278–3075
Jaber AN (2020) Rehman SU “FCM–SVM based intrusion detection system for cloud computing environment.” Cluster Comput 23:3221–3231
Jafarian T, Masdari M, Ghaffari A, Majidzadeh K (2020) Security anomaly detection in software-defined networking based on a prediction technique. Int J Commun Syst 33(14):4524
Jafarian T, Masdari M, Ghaffari A, Majidzadeh K (2021) SADM-SDNC: security anomaly detection and mitigation in software-defined networking using C-support vector classification. Computing 103(4):641–673
Jung O, Smith P, Magin J and Reuter L (2019) “Anomaly detection in smart grids based on software defined networks”. In: SMARTGREENS, pp 157–164
Karakus M, Durresi A (2017) Quality of service (QoS) in software defined networking (SDN): a survey. J Netw Comput Appl 80:200–218
Karmakar KK, Varadharajan V, Tupakula U (2019) Mitigating attacks in software defined networks. Cluster Comput 22(4):1143–1157
Kreutz D, Ramos FM and Verissimo P (2013) “Towards secure and dependable software-defined networks”. In: proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, pp 55–60, Aug
KURT Ç and Erdem OA, (2020) Real-time anomaly detection and mitigation using streaming telemetry in SDN. Turkish J Electric Eng Comput Sci 28(5):2448–2466
Kwon D, Natarajan K, Suh SC, Kim H and Kim J (2018) “An empirical study on network anomaly detection using convolutional neural networks”. In: ICDCS, pp 1595–1598, July
Lai YC, Zhou KZ, Lin, SR and Lo, NW (2019) “F1ow-based anomaly detection using multilayer perceptron in software defined networks”, In: 2019 42nd international convention on information and communication technology, electronics and microelectronics (MIPRO), pp 1154–1158, IEEE, May 2019
Lee S, Kim J, Shin S, Porras P and Yegneswaran V (2017) “Athena: a framework for scalable anomaly detection in software-defined networks”. In: 2017 47th annual IEEE/IFIP international conference on dependable systems and networks (DSN), pp 249–260, IEEE, June
Li Q, Liu Y, Liu Z, Zhang P, Pang C (2021) Efficient forwarding anomaly detection in software-defined networks. IEEE Trans Parallel Distrib Syst 32(11):2676–2690
Madhawa S, Balakrishnan P, Arumugam U (2018) Employing invariants for anomaly detection in software defined networking based industrial internet of things. J Intell Fuzzy Syst 35(2):1267–1279
Mehdi SA, Khalid J and Khayam SA (2011) “Revisiting traffic anomaly detection using software defined networking”. In: International workshop on recent advances in intrusion detection pp 161–180, Springer, Berlin, 2011
Mukkesh Ganesh, B Saleena, and B Prakash (2022) "Knowledge engineering challenges in smart healthcare data analysis system". Handbook Intell Healthcare Analyt Knowledge Eng Big Data pp 285
Nazar MJ, Alhudhaif A, Qureshi KN, Iqbal S and Jeon G (2021) “Signature and flow statistics based anomaly detection system in software-defined networking for 6G internet of things network”. International J Syst Assurance Eng Manage pp1–11
Novaes MP, Carvalho LF, Lloret J, Proença ML (2020) Long short-term memory and fuzzy logic for anomaly detection and mitigation in software-defined network environment. IEEE Access 8:83765–83781
Peng H, Sun Z, Zhao X, Tan S, Sun Z (2018) A detection method for anomaly flow in software defined network. IEEE Access 6:27809–27817
Phan TV, Nguyen TG, Dao NN, Huong TT, Thanh NH, Bauschert T (2020) Deep guard: efficient anomaly detection in SDN with fine-grained traffic flow monitoring. IEEE Trans Netw Serv Manage 17(3):1349–1362
Poornima N, Saleena B (2020) An automated approach to retrieve lecture videos using context based semantic features and deep learning. Sādhanā 45(1):1–11
Qin Y, Wei J and Yang W (2019) “Deep learning based anomaly detection scheme in software-defined networking”. In: 2019 20th Asia-Pacific network operations and management symposium (APNOMS) pp.1–4, IEEE, Sept 2019
Qin J, Zhang X and Li P (2020) “anomaly detection based on feature correlation and influence Degree in SDN”. In: 2020 international conferences on internet of things (iThings) and IEEE green computing and communications (GreenCom) and IEEE cyber, physical and social computing (CPSCom) and IEEE smart data (smartdata) and IEEE congress on cybermatics (Cybermatics) pp 186–192, IEEE, Nov
Rama Krishna Meher (2021) Hybrid grasshopper optimization and bat algorithm based DBN for intrusion detection in cloud. Multimedia Res 4(4):31–38
Ribeiro ADRL, Santos RYC and Nascimento, ACA (2021) “Anomaly detection technique for intrusion detection in SDN environment using continuous data stream machine learning algorithms”. In 2021 IEEE international systems conference (SysCon), pp 1–7, IEEE, Apr
Rinaldi G, Adamsky F, Soua R, Baiocchi A and Engel T (2019) “Softwarization of SCADA: lightweight statistical SDN-agents for anomaly detection”. In: 2019 10th international conference on networks of the future (NoF), pp 102–109, IEEE, Oct
Sahri NM, Okamura K (2016) Adaptive query rate for anomaly detection with SDN. IJCSNS 16(6):43
Said Elsayed M, Le-Khac NA, Dev S and Jurcut AD (2020) “Network anomaly detection using LSTM based autoencoder”, In: proceedings of the 16th ACM symposium on qos and security for wireless and mobile networks, pp 37–45, Nov
Sampaio LS, Faustini PH, Silva AS, Granville LZ and Schaeffer-Filho A (2018) “Using NFV and reinforcement learning for anomalies detection and mitigation in SDN”. In: 2018 IEEE symposium on computers and communications (ISCC), pp 00432–00437, IEEE, June
Satheesh N, Rathnamma MV, Rajeshkumar G, Sagar PV, Dadheech P, Dogiwal SR, Velayutham P, Sengan S (2020) Flow-based anomaly intrusion detection using machine learning model with software defined networking for openflow network. Microprocess Microsyst 79:103285
Sathya R, Saleena B (2022) A framework for designing unsupervised pothole detection by integrating feature extraction using deep recurrent neural network. Wireless Personal Commun 126(2):1241–1271
Shafi Q, Basit A, Qaisar S, Koay A, Welch I (2018) Fog-assisted SDN controlled framework for enduring anomaly detection in an IoT network. IEEE Access 6:73713–73723
Shafi Q, Qaisar S, and Basit A (2019) “Software defined machine learning based anomaly detection in fog based iot network”, In: international conference on computational science and its applications, pp 611–621, Springer, Cham, July 2019
Starke A, McNair J, Trevizan R, Bretas A, Peeples J and Zare A“(2018) Toward resilient smart grid communications using distributed sdn with ml-based anomaly detection”. In: international conference on wired/wireless internet communication, pp 83–94, Springer, Cham, June
Sun R, Zhang S, Yin C, Wang J (2019) Min S “strategies for data stream mining method applied in anomaly detection.” Cluster Comput 22(2):399–408
Tuan A Tang, Lotfi Mhamdi, Des McLernon, Syed Ali Raza Zaidi, and Mounir Ghogho (2016) “Deep learning approach for network intrusion detection in software defined networking”. In: 2016 international conference on wireless networks and mobile communications (WINCOM), IEEE, pp 258–263
Tantar E, Tantar AA, Kantor M and Engel T (2018) “On using cognition for anomaly detection in SDN”, In EVOLVE-A bridge between probability, set oriented numerics, and evolutionary computation VI. Pp 67-81, Springer, Cham
Tuan NN, Nghia ND, Hung PH, Tuyen DK, Hieu NM, Hung NT and Thanh NH (2021) “An abnormal network traffic detection scheme using local outlier factor in SDN”. In: 2020 IEEE eighth international conference on communications and electronics (ICCE) pp 141–146, IEEE, Jan
Wang J (2019) Xia L “abnormal behavior detection in videos using deep learning.” Cluster Comput 22(4):9229–9239
Wang M, Zhou H, Chen J (2018) A moving window principal components analysis based anomaly detection and mitigation approach in SDN network. KSII Trans Int Inform Sys (TIIS) 12(8):3946–3965
Wang B, Sun Y, Xu X (2019) Loose game theory based anomaly detection scheme for SDN-based mMTC services. IEEE Access 7:139350–139357
Wang B, Sun Y, Xu X (2020) A scalable and energy-efficient anomaly detection scheme in wireless SDN-based mMTC networks for IoT. IEEE Internet Things J 8(3):1388–1405
Xia W, Wen Y, Foh CH, Niyato D, Xie H (2015) A survey on software-defined networking. IEEE Commun Surv Tutorials 17(1):27–51
Yin C, Zhang S, Yin Z (2019) Wang J “anomaly detection model based on data stream clustering.” Cluster Comput 22:1729–1738
You-Chiun Wang and Siang-Yu You (2018) An efficient route management framework for load balance and overhead reduction in SDN-based data center networks. IEEE Trans Net Service Manage 15(4):1422–1434
Zhang P, Zhang F, Xu S, Yang Z, Li H, Li Q, Wang H, Shen C, Hu C (2020) Network-wide forwarding anomaly detection and localization in software defined networks. IEEE/ACM Trans Networking 29(1):332–345
Zhou L, Shu J and Jia X (2020)“Collaborative anomaly detection in distributed SDN”, In: GLOBECOM 2020–2020 IEEE global communications conference, pp. 1–6, IEEE
Acknowledgements
I would like to express my very great appreciation to the co-authors of this manuscript for their valuable and constructive suggestions during the planning and development of this research work.
Funding
This research did not receive any specific funding.
Author information
Authors and Affiliations
Contributions
All authors have made substantial contributions to conception and design, revising the manuscript, and the final approval of the version to be published. Also, all authors agreed to be accountable for all aspects of the work in ensuring that questions related to the accuracy or integrity of any part of the work are appropriately investigated and resolved.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare no conflict of interest.
Ethical approval
Not Applicable.
Informed consent
Not Applicable.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Raja, N.M., Vegad, S. An empirical study for the traffic flow rate prediction-based anomaly detection in software-defined networking: a challenging overview. Soc. Netw. Anal. Min. 13, 72 (2023). https://doi.org/10.1007/s13278-023-01057-0
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s13278-023-01057-0