A Dataset for Detecting Intrusion in Software Defined Networking Infrastructures

Abstract

Traditional networking works solely on the responsibility of hardwares (routers, switches) in moving the data between networks and calculating the routing table through various algorithms. Software Defined Network (SDN) is a networking phenomenon that moves the individual control plane of each networking device to a centralized SDN controller. Thus the decision making is moved to a centralized software system. This method is used to reduce the complexity of large infrastructures into a central controlling device. SDN allows dynamic and programmatically efficient network management of large corporations for network administrators. Due to its ease of use and implementation, this method is widely implemented into many of the top data center’s networking environments. As a crucial networking component, it is of high importance to maintain security mechanisms for SDN implemented scenarios. Because of the sensitivity of the networking infrastructures it covers, cyberattacks on SDN powered data centers or companies are very common. Intrusion detection systems here can aid the way in monitoring malicious activities into the network. Traditional networking has had much research on them for IDS but their solutions don't work well when implemented in an SDN specific environment. The IDS that exists are trained on non-SDN environments mostly and the SDN specific dataset is outdated and needs more new attack type data in them. The lack of dataset collected on SDN environments is stopping researchers from making advancements into making IDS specific to SDN environments. Also, the existing dataset lacks real world scenario-based implementations and up-to-date data. This proposed research aims to mitigate such issues by creating a dataset that resembles a real world based complex scenario by attacking a simulated environment with windows, linux systems and various services that use software defined networking systems.