{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,31]],"date-time":"2026-03-31T14:25:27Z","timestamp":1774967127733,"version":"3.50.1"},"reference-count":59,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2018,1,12]],"date-time":"2018-01-12T00:00:00Z","timestamp":1515715200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Peer-to-Peer Netw. Appl."],"published-print":{"date-parts":[[2019,3]]},"DOI":"10.1007\/s12083-017-0630-0","type":"journal-article","created":{"date-parts":[[2018,1,12]],"date-time":"2018-01-12T00:15:00Z","timestamp":1515716100000},"page":"493-501","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":414,"title":["Survey on SDN based network intrusion detection system using machine learning approaches"],"prefix":"10.1007","volume":"12","author":[{"given":"Nasrin","family":"Sultana","sequence":"first","affiliation":[]},{"given":"Naveen","family":"Chilamkurti","sequence":"additional","affiliation":[]},{"given":"Wei","family":"Peng","sequence":"additional","affiliation":[]},{"given":"Rabei","family":"Alhadad","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,1,12]]},"reference":[{"key":"630_CR1","unstructured":"Hewlett Packard Enterprise (2015) 2015 cost of cyber crime study: global, independently conducted by Ponemon institute LLC publication, Ponemon Institute research report. Avaiable https:\/\/www.accenture.com\/t20170926T072837Z__w__\/us-en\/_acnmedia\/PDF-61\/Accenture-2017-CostCyberCrimeStudy.pdf . Accessed 26 June 2017"},{"key":"630_CR2","unstructured":"Kreutz D, Ramos FMV, Verissimo PE, Rothenberg CE, Azodolmolky S (2015) Software-defines network- a comprehensive survey. Published in Proceedings of the IEEE, 103, 1"},{"key":"630_CR3","doi-asserted-by":"publisher","unstructured":"Aburomman AA, Reza MBI (2016) Survey of learning methods in intrusion detection systems. International conference on advances in electrical, electronic and system Engineering(ICAEES), Putrajaya, pp 362\u2013365. https:\/\/doi.org\/10.1109\/ICAEES.2016.7888070","DOI":"10.1109\/ICAEES.2016.7888070"},{"key":"630_CR4","doi-asserted-by":"crossref","unstructured":"Mehdi SA, Khalid J, Khaiyam SA (2011) Revisiting traffic anomaly detection using software defined networking. In: Sommer R, Balzarotti D, Maier G (eds) Recent Advances in Intrusion Detection. RAID 2011. Lecture Notes in Computer Science, vol 6961. Springer, Berlin, Heidelberg","DOI":"10.1007\/978-3-642-23644-0_9"},{"issue":"1-2","key":"630_CR5","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.cose.2008.08.003","volume":"28","author":"P Garc\u0131\u00b4a-Teodoroa","year":"2009","unstructured":"Garc\u0131\u00b4a-Teodoroa P, D\u0131\u00b4az-Verdejo J, Macia\u00b4-Ferna\u2019ndez G, Va\u00b4zquez E (2009) Anomaly-based network intrusion detection: Techniques, systems and challenges. J Comput Secur 28(1-2):18\u201328","journal-title":"J Comput Secur"},{"key":"630_CR6","doi-asserted-by":"publisher","unstructured":"Tuan TA, Mhamdi L, Mclernon D, Zaidi SAR, Ghogho M (2016) Deep learning approach for network intrusion detection in software defined networking. Int Conf Wirel Netw Mob Commun. https:\/\/doi.org\/10.1109\/WINCOM.2016.7777224","DOI":"10.1109\/WINCOM.2016.7777224"},{"key":"630_CR7","unstructured":"Open Networking Foundation (2013) SDN architecture overview, Version 1.0. Available https:\/\/www.opennetworking.org\/images\/stories\/downloads\/sdnresources\/technical-reports\/TR_SDN-ARCH-Overview-1.1-11112014.02.pdf . Accessed 27 June 2017"},{"key":"630_CR8","doi-asserted-by":"publisher","unstructured":"Niyaz Q, Sun W, Javaid AY (2016) A deep learning based DDoS detection system in software defined networking (SDN). CoRR abs\/1611.07400. https:\/\/doi.org\/10.4108\/eai.28-12-2017.153515","DOI":"10.4108\/eai.28-12-2017.153515"},{"key":"630_CR9","doi-asserted-by":"publisher","unstructured":"Sezer S, Scott-Hayward S, Chouhan PK (2013) Are we ready for SDN? Implementation challenges for software-defined networks. In: IEEE Communication Magazine, vol. 51, no. 7, pp 36\u201343. https:\/\/doi.org\/10.1109\/MCOM.2013.6553676","DOI":"10.1109\/MCOM.2013.6553676"},{"key":"630_CR10","unstructured":"Atkinson RC, Bellekens XJ, Hodo E, Hamilton A, Tachtatzis C (2017) Shallow and deep networks intrusion detection system: a taxonomy and survey. CoRR, arXiv preprint arXiv:1701.02145. 2017 Jan 9"},{"key":"630_CR11","unstructured":"Survey of Current Network Intrusion Detection Techniques https:\/\/www.cse.wustl.edu\/~jain\/cse571-07\/ftp\/ids\/ . Accessed 26 June 2017"},{"key":"630_CR12","unstructured":"Supervised and unsupervised machine learning algorithms http:\/\/machinelearningmastery.com\/supervised-and-unsupervised-machine learning-algorithms\/ . Accessed 20 June 2017"},{"key":"630_CR13","unstructured":"Zamani M, Movahedi M (2015) Machine learning techniques for intrusion detection. CoRR, arXiv preprint arXiv:1312.2177. 2017 Jan 9"},{"key":"630_CR14","doi-asserted-by":"crossref","unstructured":"Thaseen S, Kumar Ch (2013) An analysis of supervised tree based classifiers for intrusion detection system. In: Proceedings of the international conference on pattern recognition, informatics and mobile engineering (P RIME). Pp. 21\u201322","DOI":"10.1109\/ICPRIME.2013.6496489"},{"key":"630_CR15","unstructured":"Niyaz Q, Sun W, Javaid AY, Alam M (2016) A deep learning approach for network intrusion detection system. International conference wireless networks and mobile communications (WINCOM)"},{"key":"630_CR16","doi-asserted-by":"crossref","unstructured":"Zanero S, Savaresi SM (2004) Unsupervised learning techniques for an intrusion detection system. In: Proceedings of the ACM symposium on applied computing. Pages 412\u2013419","DOI":"10.1145\/967900.967988"},{"key":"630_CR17","doi-asserted-by":"crossref","unstructured":"Syarif I, Prugel-Bennett A, Wills G (2012) Unsupervised clustering approach for network anomaly detection. In: Benlamri R (eds) Networked Digital Technologies. NDT 2012. Communications in Computer and Information Science, vol 293. Springer, Berlin, Heidelberg","DOI":"10.1007\/978-3-642-30507-8_13"},{"key":"630_CR18","doi-asserted-by":"publisher","first-page":"11994","DOI":"10.1016\/j.eswa.2009.05.029","volume":"36","author":"C Tsai","year":"2009","unstructured":"Tsai C, Hsu Y, Lin C, Lin W (2009) Intrusion detection by machine learning: a review. Expert Syst Appl 36:11994\u201312000","journal-title":"Expert Syst Appl"},{"issue":"5","key":"630_CR19","doi-asserted-by":"publisher","first-page":"969","DOI":"10.1007\/s00521-015-2113-7","volume":"28","author":"KP Bennett","year":"2017","unstructured":"Bennett KP, Demiriz A (2017) Semi-supervised support vector machines. Neural Comput & Applic 28(5):969\u2013978","journal-title":"Neural Comput & Applic"},{"key":"630_CR20","doi-asserted-by":"crossref","unstructured":"Haweliya J, Nigam B (2014) Network intrusion detection using semi supervised support vector machine. Int J Comput Appl 85, 9","DOI":"10.5120\/14870-3245"},{"key":"630_CR21","doi-asserted-by":"publisher","unstructured":"Chen C, Gong Y, Tian Y (2008) Semi-supervised learning methods for network intrusion detection. Int Conf Sys, Man Cybern, IEEE. https:\/\/doi.org\/10.1109\/ICSMC.2008.4811688","DOI":"10.1109\/ICSMC.2008.4811688"},{"key":"630_CR22","unstructured":"Deep learning stand to benefit to data analytics and HPC expertise http:\/\/www.cio.com\/article\/3180184\/analytics\/deep-learning- stands-to- benefit-from-data-analytics-and-high-performance-computing-hpc-expertise.html . Accessed 3 July 2017"},{"key":"630_CR23","doi-asserted-by":"publisher","unstructured":"LeCun Y, Bengio Y, Hinton G (2015) Deep learning review. Weekly journal of science in nature international. Nature 521, doi: https:\/\/doi.org\/10.1038\/nature14539","DOI":"10.1038\/nature14539"},{"key":"630_CR24","unstructured":"Convolutional Neural Networks (2017) http:\/\/eric-yuan.me\/cnn\/ . Accessed 10 July 2017"},{"key":"630_CR25","doi-asserted-by":"crossref","unstructured":"Deng L, Yu D (2014) Deep learning methods and applications. Microsoft Research. Available https:\/\/www.microsoft.com\/en-us\/research\/publication\/deep-learning-methods-and-applications\/ . Accessed 10 July 2017","DOI":"10.1561\/2000000039"},{"key":"630_CR26","doi-asserted-by":"crossref","unstructured":"Alom MZ, Bontupalli VR, Taha TM (2015) Intrusion detection using deep belief networks. Aerospace and electronics conference, NAECON. IEEE","DOI":"10.1109\/NAECON.2015.7443094"},{"key":"630_CR27","unstructured":"Tutorial http:\/\/ufldl.stanford.edu\/tutorial\/supervised\/ConvolutionalNeuralNetwork\/ . Accessed June 15 2017"},{"key":"630_CR28","unstructured":"Vyas A (2017) Deep learning in natural language processing\u201d in mphasis, deep learning- NL_whitepaper"},{"key":"630_CR29","doi-asserted-by":"publisher","unstructured":"Hughes T, Mierle K (2013) Recurrent neural networks for voice activity detection IEEE International Conference on Acoustics, Speech and Signal Processing, Vancouver, BC, pp 7378\u20137382. https:\/\/doi.org\/10.1109\/ICASSP.2013.6639096","DOI":"10.1109\/ICASSP.2013.6639096"},{"key":"630_CR30","doi-asserted-by":"crossref","unstructured":"Salama MA, Eid HF, Ramadan RA, Darwish A, Hassanien AE (2011) Hybrid intelligent intrusion detection scheme. Soft computing in industrial applications in advances in intelligent and soft computing book series (AINSC, volume 96), pp 293\u2013303","DOI":"10.1007\/978-3-642-20505-7_26"},{"issue":"25","key":"630_CR31","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1016\/j.neucom.2012.11.050","volume":"122","author":"U Fiore","year":"2013","unstructured":"Fiore U, Palmieri F, Castiglione A, Santis AD (2013) Network anomaly detection with the restricted Boltzmann machine. Neurocomputing 122(25):13\u201323","journal-title":"Neurocomputing"},{"key":"630_CR32","unstructured":"Eid HFA, Darwish A, Hassanien AE, Abraham A (2010) Principal components analysis and support vector machine based intrusion detection system. International conference intelligent systems design and applications (ISDA)"},{"key":"630_CR33","doi-asserted-by":"publisher","unstructured":"Wang L, Jones R (2017) Big data analytics for network intrusion detection: a survey. Int J Netw Commun. https:\/\/doi.org\/10.5923\/j.ijnc.20170701.03","DOI":"10.5923\/j.ijnc.20170701.03"},{"key":"630_CR34","unstructured":"Open Networking Foundation (2014) SDN architecture, Issue 1 June 2014 ONF TR-502"},{"key":"630_CR35","doi-asserted-by":"publisher","unstructured":"Nunes BAA, Mendonca M, Nguyen XN, Obraczka K and Turletti T (2014) A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks. In IEEE Communications Surveys & Tutorials, vol 16, no. 3, pp 1617\u20131634, Third Quarter 2014. https:\/\/doi.org\/10.1109\/SURV.2014.012214.00180","DOI":"10.1109\/SURV.2014.012214.00180"},{"key":"630_CR36","doi-asserted-by":"crossref","unstructured":"Bakshi T (2017) State of the art and recent research advances in software defined networking. In Wireless Communications and Mobile Computing, 2017, 1530-8669, Hindawi Publishing Corporation","DOI":"10.1155\/2017\/7191647"},{"key":"630_CR37","doi-asserted-by":"publisher","unstructured":"Yan Q, Yu FR, Gong Q and Li J (2016) Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials, vol. 18, no. 1, pp 602\u2013622 Firstquarter 2016. https:\/\/doi.org\/10.1109\/COMST.2015.2487361","DOI":"10.1109\/COMST.2015.2487361"},{"key":"630_CR38","doi-asserted-by":"crossref","unstructured":"Braga R, Mota E, Passito A (2010) Lightweight DDoS flooding attack detection using NOX\/OpenFlow. 35th Annual IEEE conference on local computer networks, Denver, Colorado","DOI":"10.1109\/LCN.2010.5735752"},{"key":"630_CR39","unstructured":"Open Networking Foundation, Jun (2014) [Online]. Available: https:\/\/www.opennetworking.org \/. Accessed 10 July 2017"},{"key":"630_CR40","doi-asserted-by":"publisher","unstructured":"Prete LR, Shinoda AA, Schweitzer CM, De Oliveira RLS (2014) Simulation in an SDN network scenario using the POX controller. 2014 I.E. Colombian Conference on Communications and Computing (COLCOM), Bogota, pp 1\u20136. https:\/\/doi.org\/10.1109\/ColComCon.2014.6860403","DOI":"10.1109\/ColComCon.2014.6860403"},{"key":"630_CR41","unstructured":"Open Flow [Online]. Available: http:\/\/www.openflow.org\/ . Accessed 12 July 2017"},{"key":"630_CR42","unstructured":"NOX. [Online]. Available: http:\/\/www.noxrepo.org\/nox\/about-nox\/ . Accessed 12 July 2017"},{"key":"630_CR43","unstructured":"POX. [Online]. Available: http:\/\/www.noxrepo.org\/pox\/about-pox . Accessed 12 July 2017"},{"key":"630_CR44","unstructured":"Kaur S, Singh J, Ghumman NS (2014) Network programmability using POX controller. International conference on communication, computing & systems, at SBS Staten technical campus, Ferozepur, Punjab, India, volume: 1"},{"key":"630_CR45","doi-asserted-by":"crossref","unstructured":"Nguyen HT, Petrovic S, Franke K (2010) A comparison of feature-selection methods for intrusion detection. In: Kotenko I, Skormin V (eds) Computer Network Security. MMM-ACNS 2010. Lecture Notes in Computer Science, vol 6258. Springer, Berlin, Heidelberg, pp 242\u2013255","DOI":"10.1007\/978-3-642-14706-7_19"},{"key":"630_CR46","doi-asserted-by":"crossref","unstructured":"Gogoil P, Bhuyan MH (2012) Packet and flow-based network intrusion dataset. International conference on contemporary computing IC3, pp 322\u2013334","DOI":"10.1007\/978-3-642-32129-0_34"},{"key":"630_CR47","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1109\/SURV.2013.111313.00244","volume":"16","author":"F Hu","year":"2014","unstructured":"Hu F, Hao Q, Bao K (2014) A survey on software-defined network and openFlow: from concept to implementation. IEEE communication surveys & tutorial 16:4","journal-title":"IEEE communication surveys & tutorial"},{"key":"630_CR48","doi-asserted-by":"crossref","unstructured":"Alom MZ, Bontupall VR, Taha TM (2015) Intrusion detection using deep belief networks. In: Aerospace and electronics conference, NAECON","DOI":"10.1109\/NAECON.2015.7443094"},{"key":"630_CR49","unstructured":"Coates A, Lee H, Ng Andrew Y (2011) An analysis of single-layer networks in unsupervised feature learning. In: Proceedings of the fourteenth international conference on artificial intelligence and statistics, PMLR 15:215\u2013223"},{"key":"630_CR50","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1016\/j.patrec.2014.05.020","volume":"49","author":"Y Lu","year":"2014","unstructured":"Lu Y, Cohen I, Zhou XS, Tian Q (2014) Feature selection using principal feature analysis. Pattern Recogn Lett 49:33\u201339","journal-title":"Pattern Recogn Lett"},{"key":"630_CR51","first-page":"195","volume":"259","author":"HF Eid","year":"2011","unstructured":"Eid HF, Salama MA, Hassanien AE, Kim TH (2011) Bi-layer behavioral based feature selection approach for network intrusion classification. Commun Comput Inf Sci Book Ser 259:195\u2013203","journal-title":"Commun Comput Inf Sci Book Ser"},{"key":"630_CR52","doi-asserted-by":"crossref","unstructured":"Hasan MAM, Nasser M, Ahmad S, Molla KH (2016) Feature selection for intrusion detection using random forest. In: Journal of information security, pp 129\u2013140","DOI":"10.4236\/jis.2016.73009"},{"key":"630_CR53","doi-asserted-by":"crossref","unstructured":"Kloft M, Brefeld U, Dussel P, Gehl C, Laskov P (2008) Automatic feature selection for anomaly detection. In: Proceedings of the 1st ACM workshop on AISec, Pages 71\u201376, Alexandria, Virginia, ACM New York, USA","DOI":"10.1145\/1456377.1456395"},{"issue":"3","key":"630_CR54","doi-asserted-by":"publisher","first-page":"357","DOI":"10.1016\/j.cose.2011.12.012","volume":"31","author":"A Shiravi","year":"2012","unstructured":"Shiravi A, Shiravi H, Tavallaee M, Ghorbani AA (2012) Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput Secur 31(3):357\u2013374","journal-title":"Comput Secur"},{"key":"630_CR55","unstructured":"University of New Brunswick (2017) [Online] available http:\/\/www.unb.ca\/cic\/research\/datasets\/dos-dataset.html . Accesses 22 June 2017"},{"key":"630_CR56","doi-asserted-by":"publisher","unstructured":"Creech G, Hu J (2013) Generation of a new IDS test dataset: time to retire the KDD collection. Wirel Commun Netw Conf (WCNC). https:\/\/doi.org\/10.1109\/WCNC.2013.6555301","DOI":"10.1109\/WCNC.2013.6555301"},{"key":"630_CR57","unstructured":"Nour M, Slay J (2016) The evaluation of network anomaly detection systems: statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set. Inf Secur J: A Glob Perspec, pp 1\u201314"},{"key":"630_CR58","doi-asserted-by":"crossref","unstructured":"Almomani I, Al-Kasasbeh B, Al-Akhras M (2016) WSN-DS: a dataset for intrusion detection systems in wireless sensor networks. J Sens 16p","DOI":"10.1155\/2016\/4731953"},{"key":"630_CR59","doi-asserted-by":"crossref","unstructured":"Jankowski D, Amanowwicz M (2016) On efficiency of selected machine learning algorithms for intrusion detection in software defined networks. Int J Electron Telecommun, 62(3):247\u2013252","DOI":"10.1515\/eletel-2016-0033"}],"container-title":["Peer-to-Peer Networking and Applications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s12083-017-0630-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s12083-017-0630-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s12083-017-0630-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,12]],"date-time":"2022-08-12T09:05:19Z","timestamp":1660295119000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s12083-017-0630-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,1,12]]},"references-count":59,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2019,3]]}},"alternative-id":["630"],"URL":"https:\/\/doi.org\/10.1007\/s12083-017-0630-0","relation":{},"ISSN":["1936-6442","1936-6450"],"issn-type":[{"value":"1936-6442","type":"print"},{"value":"1936-6450","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,1,12]]},"assertion":[{"value":"29 July 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 December 2017","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 January 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}