Publication

Abstract : Software-defined networking (SDN) have emerged as a popular approach to manage network traffic in data centers. By separating the control plane from the data plane, SDN enables intelligent controllers to manage network traffic in real-time, which offers greater flexibility and fine-grained control over network policies. However, SDN is vulnerable to attacks that compromise the control plane, which can have serious consequences for the entire network. For instance, an attacker could attack the control plane and manipulate network traffic to cause a denial-of-service (DoS) attack or steal sensitive data. To address this problem, this paper proposes an architectural design change to enhance the security of the SDN controller and flow. Extensive analysis is performed to evaluate the performance of different machine learning algorithms on a dataset of malicious network traffic. Classification of the network traffic is performed using popular algorithms, such as Decision Trees, Random Forest, K-Means, and SVC algorithms as either benign or malicious. Followed by model performance is traced back using explainable AI. Results showed that Hybrid Random Forest-Decision tree Tree classified the traffic with highest accuracy of 98% compared to previous models. Our goal was to determine which algorithm performed best on this type of dataset, and to assess the effectiveness of each algorithm in detecting different types of attacks and finding a reasoning behind the performance of algorithm using explainable AI.