Detection of Flow Based Anomaly in OpenFlow Controller: Machine Learning Approach in Software Defined Networking

Software Defined Networking (SDN) has come to prominence in recent years and demonstrates an enormous potential in shaping the future of networking by separating control plane from data plane. OpenFlow is the first and most widely used protocol that makes this separation possible in the first place. As a newly emerged technology, SDN has its inherent security threats that can be eliminated or at least mitigated by securing the OpenFlow controller that manages flow control in SDN. SDN provides us a chance to strengthen our network security by decoupling its control plane and data plane. At this level, there also exists some certain risk, which is associated with this technology. In this research, a flow based anomaly detection method in OpenFlow controller have been approached by using machine-learning algorithms in SDN architecture. In order to improve the classifier performance, some feature selection methods namely Info Gain, Gain Ratio, CFS Subset Evaluator, Symmetric Uncertainty, and Chi-square test have been applied as a processing of dataset. A full dataset of 41 features and a reduced dataset has experimented. A dataset with feature selection ensures the highest accuracy of nearly 82% with Random Forest classifier using Gain Ratio feature selection Evaluator. Experimental results ratify that machine-learning approach with feature selection method indices strong potential for the detection of flow based anomaly in OpenFlow controller.