Designing a Network Intrusion Detection System based on Machine Learning for Software-Defined Networks
Abstract
The growth of computer networks and their wide application in human life have made it clear that these networks need to be secured. Various tools and equipment are used for this purpose, including intrusion detection systems. Because most cloud-based networks without a fixed infrastructure face a range of security challenges, different methods in recent years have used distributed software-defined networking to deal with them. This technology, despite its many capabilities, remains vulnerable to some common threats and destructive factors, such as distributed denial-of-service attacks. A review of various studies shows that eliminating these vulnerabilities requires integrating defense solutions suited to the structure of the software-defined network. The aim of this research is therefore to design a network intrusion detection system based on machine learning for software-defined networks. The research was conducted with the XGBoost algorithm, an implementation of gradient-boosted decision trees designed for better speed and performance. In this method, a loss function calculates the distance of the classifier from the final result. N trees are created and each one is assigned a coefficient, and the sum of these weights in each tree is the learning rate of that tree. According to the research results, the proposed XGBoost-based method has shown very good performance compared to previous methods. The results indicate that the XGBoost algorithm is the best method for intrusion detection, with which an accuracy of over 92% can be achieved. Because it uses real and existing data sets, the proposed system can be implemented in practice and used in existing operational environments for error detection.