Design of Privacy-Preserving AI-Driven SDN Controller Using Federated Learning for Intrusion Detection

Abstract

The rapid development of network technologies and the growing sophistication of cyber threats have emphasized the necessity of smart, scalable and privacy-sensitive security solutions. Software-Defined Networking (SDN) is a system that offers centralized control and visibility of the network globally and as such is a fitting platform on which to build complex security mechanisms. Nevertheless, SDN-based traditional intrusion detection methods usually involve a centralized amount of data collection, posing serious questions about the privacy of data and scaling. This paper suggests designing a privacy-sensitive Artificial Intelligence (AI)-controlled SDN controller with Federated Learning (FL) to detect intrusions in a distributed manner. The SDN controller in the proposed architecture is complemented with smart modules, comprising of intrusion detection system (IDS), federated learning aggregation unit, and a decision engine. The distributed controllers are trained on their own data to obtain a local model (Deep Neural Network) and only the model parameters are communicated to a central controller to be aggregated. The model is tested with the help of the NSL-KDD dataset, in which the network traffic is categorized as normal and malicious. Experimental outcomes prove that the suggested FL-based model has high detection capabilities, with the accuracy of 96% and precision of over 90, which is better than the performance of the traditional non-federated models. The suggested system is successful in terms of data privacy, lowering the communication overhead, and increasing the scalability with a high detection accuracy. These findings suggest the implementation of federated learning in an AI-based SDN controller offers a powerful and effective framework to current network security.