Software Defined Networking (SDN) has revolutionized network administration by providing centralized management through software, enabling traffic adjustment independent of the data plane. Despite the benefits, SDN networks are prone to security threats from external sources, thus necessitating the implementation of security measures. Unfortunately, most existing efforts have been just a simple mapping of earlier solutions into the SDN environments. This paper addresses the problem of SDN security based on deep learning in a purely native SDN environment, where a Deep Learning intrusion detection module is tailored to a native SDN environment. In particular, we propose a hybrid Deep AutoEncoder with a Random Forest classifier model (DAERF) to enhance intrusion detection performance in a native SDN environment. The proposed model is incorporated into a novel adaptive framework for attack mitigation in SDN environments. The proposed framework consists of a three-layer protection mechanism for detecting and preventing attacks. It is based on entropy-based detection, hybrid machine learning in the control layer and proactive services monitoring in the application layer. Experimental results have shown that our DEARF proposed autoencoder model achieved anomaly detection rates in excess of 98% in stand-alone mode as well as when incorporated within the framework, making it highly solution for next generation SDN networks.

中文翻译：

---

确保 SDN 安全：用于入侵检测和攻击缓解的混合自动编码器随机森林

软件定义网络 (SDN) 通过软件提供集中管理，实现了独立于数据平面的流量调整，彻底改变了网络管理。尽管有这些好处，SDN网络很容易受到来自外部的安全威胁，因此需要实施安全措施。不幸的是，大多数现有的工作只是早期解决方案到 SDN 环境的简单映射。本文解决了纯原生SDN环境中基于深度学习的SDN安全问题，其中深度学习入侵检测模块是针对原生SDN环境量身定制的。特别是，我们提出了一种带有随机森林分类器模型（DAERF）的混合深度自动编码器，以增强本机 SDN 环境中的入侵检测性能。所提出的模型被纳入一个新颖的自适应框架中，用于 SDN 环境中的攻击缓解。所提出的框架由用于检测和防止攻击的三层保护机制组成。它基于基于熵的检测、控制层的混合机器学习和应用层的主动服务监控。实验结果表明，我们的 DEARF 提出的自动编码器模型在独立模式以及合并到框架中时实现了超过 98% 的异常检测率，使其成为下一代 SDN 网络的高度解决方案。