Özet:

Abstract Deep packet inspection (DPI) has drawn a lot of interest in software-defined networking (SDN) because sophisticated assaults might smuggle harmful payloads into packets. Third-party proprietary pattern-based or port-based DPI solutions may struggle to handle a large amount of data flow effectively. In order to provide adaptive and effective packet assessment, a unique stacked autoencoder based Convolutional Neural Network (SA-CNN) approach is described in this research. The first step in SA-CNN's early detection prescription is to scan each new flow's IP address through SA-CNN. Following that, SA-CNN enables profound packet assessment at the packet-level granularity: (i) for unencrypted packets, stacked autoencoder extract the features of reachable payloads, together with tri-gram incidence based on Term Frequency and Inverted Document Frequency (TF-IDF) and linguistic properties. These qualities are combined into a sparse matrix representation rather than matching with particular pattern combinations in order to train a CNN classifier. The SA-CNN presents an adaptive packet sampling window that utilizes linear prediction to balance the degree of detection precision as well as the bottleneck of the SDN controller; and (ii) for encrypted packets, the SA-CNN extracts salient features from packets and then trains a CNN classified with a another methods, slightly than decrypting the encrypted traffic to compromise user solitude. On the Mininet platform and Ryu SDN controller, an SA-CNN prototype is put into operation. Through experiments, the presentation and overhead of the suggested explanation are evaluated with datasets from the actual world. The arithmetical outcomes show that SA-CNN can significantly increase detection accuracy while maintaining reasonable overheads.

Anahtar Kelimeler: