Ensemble-Based Classification of Software-Defined Network (SDN) Attacks Traffic.

Saved in:
Bibliographic Details
Title: Ensemble-Based Classification of Software-Defined Network (SDN) Attacks Traffic.
Authors: Isaiah, Aladesote Olomi1 gs57427@student.upm.edu.my, Abdullah, Azizol1 azizol@upm.edu.my, Samian, Normalia1 normalia@upm.edu.my, Hanapi, Zurina Mohd.1 zurinamh@upm.edu.my
Source: Engineering Letters. May2026, Vol. 34 Issue 5, p1826-1841. 16p.
Subjects: Software-defined networking, Ensemble learning, Feature selection, Machine learning, Computer network security, Intrusion detection systems (Computer security), Sampling (Process)
Abstract: Software-Defined Networking (SDN) has emerged as a transformative paradigm for modernizing network infrastructures. It enables seamless integration with next-generation technologies such as IoT, Cloud Computing, Artificial Intelligence (AI), and Quantum Computing. Despite its architectural advantages, SDN's centralized control plane introduces critical security vulnerabilities, necessitating the deployment of advanced Intrusion Detection Systems (IDS). This study therefore assesses the effectiveness of three ensemble learning techniques - Voting, Stacking, and Bagging - and a hybrid ensemble model, MultiBoosting. The models were evaluated using both the complete and feature-selected subsets of the SDN-based features of the InSDN dataset, with feature selection performed via Information Gain and Correlation-based methods. The study also employs the Synthetic Minority Over-sampling Technique (SMOTE) to address class imbalance. The experimental results reveal that the proposed approach achieves a weighted F1-score average of 0.3362 on selected SDN features, surpassing the Novel Approach (0.3339) and the baseline InSDN method (0.3299). On the complete feature set, the proposed model also demonstrates superior performance with a weighted average of 0.5036, compared to 0.4964 for the Novel Approach. The proposed method consistently outperforms the existing techniques on both full and reduced feature sets across key SDN-related attack categories--including Botnet, DoS, DDoS, Probe, U2R, PGA, and Web Attacks. The only exception is DDoS classification, where the proposed and InSDN approaches exhibit identical performance on the reduced feature set. [ABSTRACT FROM AUTHOR]
Copyright of Engineering Letters is the property of International Association of Engineers (IAENG) and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
FullText Links:
  – Type: pdflink
Text:
  Availability: 0
Header DbId: egs
DbLabel: Engineering Source
An: 193453938
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: Ensemble-Based Classification of Software-Defined Network (SDN) Attacks Traffic.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Isaiah%2C+Aladesote+Olomi%22">Isaiah, Aladesote Olomi</searchLink><relatesTo>1</relatesTo><i> gs57427@student.upm.edu.my</i><br /><searchLink fieldCode="AR" term="%22Abdullah%2C+Azizol%22">Abdullah, Azizol</searchLink><relatesTo>1</relatesTo><i> azizol@upm.edu.my</i><br /><searchLink fieldCode="AR" term="%22Samian%2C+Normalia%22">Samian, Normalia</searchLink><relatesTo>1</relatesTo><i> normalia@upm.edu.my</i><br /><searchLink fieldCode="AR" term="%22Hanapi%2C+Zurina+Mohd%2E%22">Hanapi, Zurina Mohd.</searchLink><relatesTo>1</relatesTo><i> zurinamh@upm.edu.my</i>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22Engineering+Letters%22">Engineering Letters</searchLink>. May2026, Vol. 34 Issue 5, p1826-1841. 16p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Software-defined+networking%22">Software-defined networking</searchLink><br /><searchLink fieldCode="DE" term="%22Ensemble+learning%22">Ensemble learning</searchLink><br /><searchLink fieldCode="DE" term="%22Feature+selection%22">Feature selection</searchLink><br /><searchLink fieldCode="DE" term="%22Machine+learning%22">Machine learning</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+network+security%22">Computer network security</searchLink><br /><searchLink fieldCode="DE" term="%22Intrusion+detection+systems+%28Computer+security%29%22">Intrusion detection systems (Computer security)</searchLink><br /><searchLink fieldCode="DE" term="%22Sampling+%28Process%29%22">Sampling (Process)</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: Software-Defined Networking (SDN) has emerged as a transformative paradigm for modernizing network infrastructures. It enables seamless integration with next-generation technologies such as IoT, Cloud Computing, Artificial Intelligence (AI), and Quantum Computing. Despite its architectural advantages, SDN's centralized control plane introduces critical security vulnerabilities, necessitating the deployment of advanced Intrusion Detection Systems (IDS). This study therefore assesses the effectiveness of three ensemble learning techniques - Voting, Stacking, and Bagging - and a hybrid ensemble model, MultiBoosting. The models were evaluated using both the complete and feature-selected subsets of the SDN-based features of the InSDN dataset, with feature selection performed via Information Gain and Correlation-based methods. The study also employs the Synthetic Minority Over-sampling Technique (SMOTE) to address class imbalance. The experimental results reveal that the proposed approach achieves a weighted F1-score average of 0.3362 on selected SDN features, surpassing the Novel Approach (0.3339) and the baseline InSDN method (0.3299). On the complete feature set, the proposed model also demonstrates superior performance with a weighted average of 0.5036, compared to 0.4964 for the Novel Approach. The proposed method consistently outperforms the existing techniques on both full and reduced feature sets across key SDN-related attack categories--including Botnet, DoS, DDoS, Probe, U2R, PGA, and Web Attacks. The only exception is DDoS classification, where the proposed and InSDN approaches exhibit identical performance on the reduced feature set. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of Engineering Letters is the property of International Association of Engineers (IAENG) and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=193453938
RecordInfo BibRecord:
  BibEntity:
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 16
        StartPage: 1826
    Subjects:
      – SubjectFull: Software-defined networking
        Type: general
      – SubjectFull: Ensemble learning
        Type: general
      – SubjectFull: Feature selection
        Type: general
      – SubjectFull: Machine learning
        Type: general
      – SubjectFull: Computer network security
        Type: general
      – SubjectFull: Intrusion detection systems (Computer security)
        Type: general
      – SubjectFull: Sampling (Process)
        Type: general
    Titles:
      – TitleFull: Ensemble-Based Classification of Software-Defined Network (SDN) Attacks Traffic.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Isaiah, Aladesote Olomi
      – PersonEntity:
          Name:
            NameFull: Abdullah, Azizol
      – PersonEntity:
          Name:
            NameFull: Samian, Normalia
      – PersonEntity:
          Name:
            NameFull: Hanapi, Zurina Mohd.
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 05
              Text: May2026
              Type: published
              Y: 2026
          Identifiers:
            – Type: issn-print
              Value: 1816093X
          Numbering:
            – Type: volume
              Value: 34
            – Type: issue
              Value: 5
          Titles:
            – TitleFull: Engineering Letters
              Type: main
ResultId 1