Software Defined Network Enabled Fog-to-Things Hybrid Deep Learning Driven Cyber Threat Detection System

Software Defined Network (SDN) is a next-generation networking architecture and its power lies in centralized control intelligence. The control plane of SDN can be extended to many underlying networks such as fog to Internet of Things (IoT). The fog-to-IoT is currently a promising architecture to manage a real-time large amount of data. However, most of the fog-to-IoT devices are resource-constrained and devices are widespread that can be potentially targeted with cyber-attacks. The evolving cyber-attacks are still an arresting challenge in the fog-to-IoT environment such as Denial of Service (DoS), Distributed Denial of Service (DDoS), Infiltration, malware, and botnets attacks. They can target varied fog-to-IoT agents and the whole network of organizations. The authors propose a deep learning (DL) driven SDN-enabled architecture for sophisticated cyber-attacks detection in fog-to-IoT environment to identify new attacks targeting IoT devices as well as other threats. The extensive simulations have been carried out using various DL algorithms and current state-of-the-art Coburg Intrusion Detection Data Set (CIDDS-001) flow-based dataset. For better analysis five DL models are compared including constructed hybrid DL models to distinguish the DL model with the best performance. The results show that proposed Long Short-Term Memory (LSTM) hybrid model outperforms other DL models in terms of detection accuracy and response time. To show unbiased results 10-fold cross-validation is performed. The proposed framework is so effective that it can detect several types of cyber-attacks with 99.92% accuracy rate in multiclass classification.