ENHANCING INTRUSION DETECTION IN SOFTWARE-DEFINED NETWORKS THROUGH ENSEMBLE LEARNING TECHNIQUES

Abstract

The paper recommendations consist of a better method of intrusion detection in Software-Defined Networks (SDNs) by the joint methods of ensemble learning. The article reveals the latent issue of flexibility, scalability and robustness on network security under the foundation of diverse machine learning algorithms, Support Vector Machine (SVM), Random Forest (RF), K-Nearest Neighbors (KNN) separately and in combination. The three different sets of collected data used in Kaggle repositories that incorporate the general network intrusion, attack specific in the IoT, and SDN specific conditions were used to conduct experiments. The model optimization consisted of the rigorous preprocessing, the feature engineering and model tuning. The findings show that the ensemble model performance has been higher at all times, the accuracy score is over 99.5 and F1 scores are close to 0.99 under all the evaluating conditions. The comparative analysis also established that even though the good performance was convincingly achieved with the individual models, the collective approach is superior in enhancing the overall performance of the generalization as well as the false alarms especially in the heterogeneous and the high-traffic conditions such as the case with SDNs of the modern and the internet of things networks. The technical discussion shows the practicality and the practical outcomes of the ensemble learning such as its ability to accommodate the imbalance of the classes, the high dimensional feature space, and the dynamical traffic pattern. This study concludes by finding that ensemble learning offers scalable, powerful, and explainable architecture of the state-of-the-art intrusion detection. The subsequent steps are explainable AI and federated learning and ML to provide more transparency, privacy, and automation to real-time implementations of network security.