International Journal on Advanced Science, Engineering and Information Technology, Vol. 13 (2023) No. 2, pages: 744-750, DOI:10.18517/ijaseit.13.2.9370

Botnet Detection Model in Encrypted Traffics Software-Defined Network (SDN) Using Deep Neural Network (DNN)

Rio Suneth, Heru Sukoco, Shelvie Nidya Neyman


The presence of network technology eliminates regional boundaries that become obstacles in communicating and exchanging data and information to the public. The wider the zone of a network, the network infrastructure will increase in size. The bigger the network infrastructure, the higher the level of management complexity. The Software Defined Network (SDN) concept is a new network concept that provides a solution for managing large infrastructure networks and has a wide service zone. SDN architecture is different from traditional networks. The SDN architecture is divided into three: the data plane, control plane, and application plane. Whereas in the traditional network architecture, the three are combined into one. Besides, in maintaining network security. SDN offers a security system, namely the OpenFlow Protocol. The OpenFlow Protocol security system works to regulate the packet traffic that passes. Forwards registered packet data traffic and performs down the action for unknown packet traffic. The weakness is that the OpenFlow Protocol must always be updated with SDN network packet traffic, and the system cannot detect the threat of attacks on encryption traffic. Nowadays, the frequency of attacks on network traffic is relatively high. The attack techniques used also evolved. The techniques used are also evolving. Botnets have been able to use several encryption protocols such as TLS / HTTPS, Tor, and P2P as loopholes to attack a network. SDN's presence as a management solution for large infrastructure networks is not directly proportional to its security system that undoubtedly have a bad impact on SDN network users. Therefore, this study aims to develop an SDN Network Intrusion Detection System (IDS) model to detect botnets in encryption traffic. The model was developed using the Deep Neural Network (DNN) approach. The SDN network botnet detection model developed can detect encryption traffic botnets with an accuracy rate of 94.78%, 93.28% precision, and a recall of 99.11%.


Botnet; deep neural network; encrypted traffic; software-defined network

Viewed: 1133 times (since abstract online)

cite this paper     download