مصطفي الزبيدي

This thesis aims to address the pressing issue of security an‎d privacy in SDN networks by introducing a Federated Learning-based Distributed Intrusion Detection System (FL-DIDS) for Software Defined Networks (SDN), addressing the inherent trade-off between central management an‎d decentralized security. In traditional SDN-based intrusion detection systems, data aggregation is done in a centralized fashion, making communication slower an‎d more expensive, while also being risky to the privacy of the system. On the other han‎d, a completely decentralized system would negate the global knowledge of the SDN controller. Though there has been some research done on FL-based IDS (Intrusion Detection Systems) in the past, the existing solutions have difficulty han‎dling data that is not Independent an‎d Identically Distributed an‎d have not been validated using IoT data sets. The proposed Hierarchical FL-based SDN architecture would overcome these problems by allowing data plane devices to perform local model training an‎d the SDN controller to perform global aggregation. A lightweight MLP model an‎d the FedProx algorithm were employed to ensure the convergence of the model even in the presence of a non-IID data distribution, which is common in networks due to the presence of different devices. The TON-IoT dataset was used for testing the practicality of the model. This showed the practicality of IoT-based multi-vector attacks like DDoS, ransomware, an‎d backdoor attacks. The performance of the proposed Federated Learning framework is shown to achieve a high F1-score of 0.9582 on the test set. This is a high performance for the model, showing a reduction of merely 2.56% compared to a completely centralized approach. Moreover, the convergence analysis showed that the model was able to converge in a matter of nine communication rounds. It was also found that the best performance was achieved at a communication cost of 1.5 MB. This shows the practicality of the Hierarchical Federated Learning approach for the SDN-IoT architecture. This thesis thus proves the architectural framework for the improvement of the field of distributed network security while ensuring the privacy of users. Moreover, the privacy of users is ensured due to the local processing of the data an‎d the use of the Hierarchical Federated Learning approach.

شبكه‌هاي نرم‌افزارمحور (SDN) , يادگيري فدرال (FL) , سيستم تشخيص نفوذ توزيع‌ شده (DIDS)،

Software-Defined Networking (SDN) , Federated Learning (FL) , Distributed Intrusion Detection System (DIDS)

MUSTAFA ALZUABIDI

Dr. Naser Mozayani