A new machine learning-based hybrid intrusion detection system and intelligent routing algorithm for MPLS network
Main Author: | |
---|---|
Format: | text::Thesis |
Language: | English |
Published: | 2023 |
Summary: | Machine Learning (ML) is seen as a promising application that offers autonomous
learning and provides optimized solutions to complex problems. The current
Multiprotocol Label Switching (MPLS) network is packed with exponentially
increasing applications and different Quality-of-Services (QoS) requirements. The
conventional QoS methods can only work to some extent, but as the network is getting
complex and congested, it will become challenging to satisfy the QoS requirements in
the MPLS network. In addition, conventional QoS methods do not learn from past
experiences, and in the event of the same network occurrences, the same decisions will be given, which will lead to an uncontrollable increase in delay. On top of that, the
MPLS network is vulnerable to cybersecurity threats. The fixed rule-based intrusion
detection system (IDS) mechanism demonstrates flaws when exposed to threats such
as Denial-of-Service (DoS) attacks. As a result, legitimate users are barred from
utilizing the service from the MPLS network. This thesis proposes a hybrid ML-based
intrusion detection system (ML-IDS) and ML-based intelligent routing algorithm (ML-RA) for the MPLS network. The research is divided into three parts, which are (1) dataset
development, (2) algorithm development, and (3) algorithm performance evaluation.
The dataset development for both algorithms is carried out via simulations in Graphical
Network Simulator 3 (GNS3). The datasets are then fed into MATLAB to train ML
classifiers and regression models to classify the incoming traffic as normal or attack
and predict traffic delays for all available routes, respectively. Only the normal traffic
predicted by the ML-IDS algorithm will be allowed to enter the network domain, and
the route with the fastest delay predicted by the ML-RA is assigned for routing. For
algorithm performance evaluation, the ML-IDS is compared with ML-CICIDS-59 and
ML-CICIDS-45, which are IDS trained using the CICIDS-2018 dataset after
performing feature engineering. The result shows that the proposed ML-IDS
outperformed both by 19.15%, 99.26%, and 40.48% in terms of accuracy, recall, and
F-measure, respectively. The run-time was significantly reduced by 94.45%, which
simultaneously indicates low computational work. The proposed ML-IDS achieved
outstanding performance, with 24% reduction from the original size of the CICIDS-2018 dataset. Next, the ML-based routing algorithm is compared to the conventional
routing algorithm, Routing Information Protocol version 2 (RIPv2). From performance
evaluations, the ML-RA shows 100% accuracy in predicting the fastest route in the
network for all cases. During network congestion, the proposed ML outperforms the
RIPv2 in terms of delay and throughput on average by 57.61% and 46.57%,
respectively. Finally, a testbed that resembles the same architecture as per simulations
for performance study purposes is developed. The results show that the selected route, trend of delay, and throughput for both testbed and simulations are verified. The
performance evaluations proved that a small-scale yet robust ML-IDS algorithm was
successfully developed to classify traffic and block attack traffic, while the proposed
ML-RA successfully offers better delay and throughput performance than the RIPv2
routing protocol. |
---|