Article: TPOT-IDSDN: an AutoML-based model optimisation for intrusion detection system against cyber threats in software defined-networking Journal: International Journal of Communication Networks and Distributed Systems (IJCNDS) 2025 Vol.31 No.6 pp.614 - 648 Abstract: The architectural shift of software defined networks (SDN) creates new security concerns, necessitating the creation of robust intrusion detection systems (IDS) to protect the network infrastructure. This paper focuses on the essential challenge of selecting classifiers for anomaly-based IDS in an SDN environment. An automated machine learning (AutoML) framework called tree-based pipeline optimisation tool (TPOT) was used to speed up this procedure substantially. TPOT automates model selection and hyperparameter optimisation, to decide a best classifier suited for the given dataset. The TPOT framework selected the ExtraTreesClassifier for multiclass and the XGB stacked with the BernoulliNB classifier for binary class with lower execution time (26.91 s, 11.29 s) and 100% accuracy. A comprehensive examination of standard nine machine learning (ML) classifiers confirmed TPOT has provided the best model. When deployed in the IDS framework of SDN, the selected classifiers showed a 100% detection rate that outperformed other existing approaches. Inderscience Publishers - linking academia, business and industry through research

Title: TPOT-IDSDN: an AutoML-based model optimisation for intrusion detection system against cyber threats in software defined-networking

Authors: D. Sendil Vadivu; Aswin Valsaraj; Ashwin Santhosh; Kaustub Pavagada; Narendran Rajagopalan

Addresses: Department of Computer Science and Engineering, National Institute of Technology Puducherry, Karaikal, 609609, India ' Department of Computer Science and Engineering, National Institute of Technology Puducherry, Karaikal, 609609, India ' Department of Computer Science and Engineering, National Institute of Technology Puducherry, Karaikal, 609609, India ' Department of Computer Science and Engineering, National Institute of Technology Puducherry, Karaikal, 609609, India ' Department of Computer Science and Engineering, National Institute of Technology Puducherry, Karaikal, 609609, India

Abstract: The architectural shift of software defined networks (SDN) creates new security concerns, necessitating the creation of robust intrusion detection systems (IDS) to protect the network infrastructure. This paper focuses on the essential challenge of selecting classifiers for anomaly-based IDS in an SDN environment. An automated machine learning (AutoML) framework called tree-based pipeline optimisation tool (TPOT) was used to speed up this procedure substantially. TPOT automates model selection and hyperparameter optimisation, to decide a best classifier suited for the given dataset. The TPOT framework selected the ExtraTreesClassifier for multiclass and the XGB stacked with the BernoulliNB classifier for binary class with lower execution time (26.91 s, 11.29 s) and 100% accuracy. A comprehensive examination of standard nine machine learning (ML) classifiers confirmed TPOT has provided the best model. When deployed in the IDS framework of SDN, the selected classifiers showed a 100% detection rate that outperformed other existing approaches.

Keywords: AutoML; automated machine learning; SDN; software defined network; TPOT; tree-based pipeline optimisation tool; cyber security; intrusion detection systems.

DOI: 10.1504/IJCNDS.2025.149479

International Journal of Communication Networks and Distributed Systems, 2025 Vol.31 No.6, pp.614 - 648

Received: 23 Sep 2024
Accepted: 08 Nov 2024
Published online: 04 Nov 2025 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: TPOT-IDSDN: an AutoML-based model optimisation for intrusion detection system against cyber threats in software defined-networking

Keep up-to-date