Abstract
Software-Defined Networking (SDN) is increasingly exposed to complex cyberattacks, requiring advanced, adaptive, and efficient intrusion detection mechanisms. This study presents LightIDS-SDN, a federated and explainable intrusion detection framework tailored for SDN environments. At its core, the system employs Dual Fitness Enhanced Quantum-Inspired Particle Swarm Optimization (DFE-GQPSO) for feature selection, which identifies the most informative network attributes while eliminating redundant or irrelevant features. This quantum-optimized feature selection significantly improves detection performance by reducing overfitting and enhancing generalization. The framework incorporates a hybrid deep learning architecture, MSDC-Net, combining Transformer layers, Capsule Networks, and BiLSTM units to capture contextual, spatial, and sequential dependencies in network traffic. Federated learning using FedAvg enables collaborative model training across multiple SDN controllers while preserving data privacy. Explainable AI modules, based on SHapley Additive exPlanations (SHAP) and Gradient-weighted Class Activation Mapping (Grad-CAM), provide both global and local interpretability, ensuring transparent and accountable decision-making. Experiments on the InSDN dataset demonstrate the effectiveness of the proposed system, achieving 98.73% accuracy, 98.80% precision, 98.65% recall, and 98.72% F1-score. Comparative analysis confirms that DFE-GQPSO outperforms traditional feature selection methods, enhancing model robustness and training efficiency. Overall, LightIDS-SDN effectively detects a wide range of SDN attacks while addressing limitations of conventional IDS approaches, including limited scalability, lack of interpretability, and computational inefficiency. This work lays the foundation for deploying quantum-optimized, explainable, and federated intrusion detection systems in SDN networks.
Data availability
The datasets analysed during the current study are available in the Kaggle repository, https://www.kaggle.com/datasets/badcodebuilder/insdn-dataset.
Code Availability
All code, preprocessing scripts, dataset splits, and model artifacts used in this study are publicly available in the GitHub repository at: [https://github.com/logeswarig/LightIDS]. A permanent archive of this repository has been deposited in Zenodo, accessible via the DOI: [https://doi.org/10.5281/zenodo.18159862].
References
Singh, S. & Jha, R. K. A survey on software defined networking: architecture for next generation network. J. Netw. Syst. Manage. 25 (2), 321–374 (2017).
Kreutz, D. et al. Software-defined networking: A comprehensive survey. Proceedings of the IEEE, 103(1), 14–76. (2014).
Anand, N. et al. Securing Software Defined Networks: A Comprehensive Analysis of approaches, applications, and Future Strategies against DoS Attacks (IEEE Access, 2024).
Benzekki, K., El Fergougui, A. & Elbelrhiti Elalaoui, A. Software-defined networking (SDN): a survey. Secur. Communication Networks. 9 (18), 5803–5833 (2016).
Scott-Hayward, S., O’Callaghan, G. & Sezer, S. SDN security: A survey. In: 2013 IEEE SDN For Future Networks and Services (SDN4FNS) 1–7 (IEEE, 2013).
Shin, S. et al. Fresco: Modular composable security services for software-defined networks. In 20th annual network & distributed system security symposium. Ndss. (2013).
Hong, S., Xu, L., Wang, H. & Gu, G. Poisoning network visibility in software-defined networks: New attacks and countermeasures. In Ndss 15, 8–11 (2015).
Alsmadi, I. & Xu, D. Security of software defined networks: A survey. Computers Secur. 53, 79–108 (2015).
Logeswari, G., Bose, S. & Anitha, T. J. I. A. An intrusion detection system for Sdn using machine learning. Intell. Autom. Soft Comput. 35 (1), 867–880 (2023).
Bose, S. et al. Multi-Layer Adaptive Intrusion Detection and Mitigation System for SDN Adversarial Threats using a BAT-MC Model. In: 2024 9th International Conference on Communication and Electronics Systems (ICCES) 886–891 (IEEE, 2024).
Mousavi, S. M. & St-Hilaire, M. Early detection of DDoS attacks against SDN controllers. In: 2015 international conference on computing, networking and communications (ICNC) 77–81 (IEEE, 2015).
Tang, T. A., Mhamdi, L., McLernon, D., Zaidi, S. A. R. & Ghogho, M. Deep learning approach for network intrusion detection in software defined networking. In: 2016 international conference on wireless networks and mobile communications (WINCOM) 258–263 (IEEE, 2016).
Yan, Q., Yu, F. R., Gong, Q. & Li, J. Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Commun. Surv. Tutorials. 18 (1), 602–622 (2015).
Yan, Q., Huang, W., Luo, X., Gong, Q. & Yu, F. R. A multi-level DDoS mitigation framework for the industrial internet of things. IEEE Commun. Mag. 56 (2), 30–36 (2018).
Wang, P., Lin, S. C. & Luo, M. A framework for QoS-aware traffic classification using semi-supervised machine learning in SDNs. In: 2016 IEEE international conference on services computing (SCC). 760–765 (IEEE, 2016).
Ali, D. et al. Improving the explainability and transparency of deep learning models in intrusion detection systems. Kashf J. Multidisciplinary Res. 2(02), 149–164 (2025).
Ujjan, R. M. A. et al. Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN. Future Generation Comput. Syst. 111, 763–779 (2020).
Hindy, H. et al. A taxonomy and survey of intrusion detection system design techniques, network threats and datasets. (2018).
Kreutz, D., Ramos, F. M. & Verissimo, P. Towards secure and dependable software-defined networks. In: Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking 55–60 (2013).
Scott-Hayward, S., Natarajan, S. & Sezer, S. A survey of security in software defined networks. IEEE Commun. Surv. Tutorials. 18 (1), 623–654 (2015).
Ahmed, R. S. & Atia, T. S. Machine learning and deep learning for distributed denial of service attack detection in software-defined networking: A review. In: AIP Conference Proceedings 3211(1), 030030 (AIP Publishing LLC, 2025).
Saheed, Y. K., Abdulganiyu, O. H., Majikumna, K. U., Mustapha, M. & Workneh, A. D. ResNet50-1D-CNN: A new lightweight resNet50-One-dimensional Convolution neural network transfer learning-based approach for improved intrusion detection in cyber-physical systems. Int. J. Crit. Infrastruct. Prot. 45, 100674 (2024).
Saheed, Y. K., Misra, S. & Chockalingam, S. Autoencoder via DCNN and LSTM models for intrusion detection in industrial control systems of critical infrastructures. In: 2023 IEEE/ACM 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) 9–16 (IEEE, 2023).
Ingre, B. & Yadav, A. Performance analysis of NSL-KDD dataset using ANN. In: 2015 international conference on signal processing and communication engineering systems 92–96 (IEEE, 2015).
Laghrissi, F., Douzi, S., Douzi, K. & Hssina, B. Intrusion detection systems using long short-term memory (LSTM). J. Big Data. 8 (1), 65 (2021).
Kang, H., Vo, T., Kim, H. K. & Hong, J. B. CANival: A multimodal approach to intrusion detection on the vehicle CAN bus. Veh. Commun. 50, 100845 (2024).
Saheed, Y. K., Abdulganiyu, O. H. & Ait Tchakoucht, T. Modified genetic algorithm and fine-tuned long short-term memory network for intrusion detection in the internet of things networks with edge capabilities. Appl. Soft Comput. 155, 111434 (2024).
Wang, W., Zhu, M., Zeng, X., Ye, X. & Sheng, Y. Malware traffic classification using convolutional neural network for representation learning. In: 2017 International conference on information networking (ICOIN) 712–717 (IEEE, 2017).
Toldinas, J. et al. A novel approach for network intrusion detection using multistage deep learning image recognition. Electronics 10 (15), 1854 (2021).
Yin, C., Zhu, Y., Fei, J. & He, X. A deep learning approach for intrusion detection using recurrent neural networks. Ieee Access. 5, 21954–21961 (2017).
Fu, Y., Du, Y., Cao, Z., Li, Q. & Xiang, W. A deep learning model for network intrusion detection with imbalanced data. Electronics 11 (6), 898 (2022).
Saheed, Y. K., Abdulganiyu, O. H. & Ait Tchakoucht, T. A novel hybrid ensemble learning for anomaly detection in industrial sensor networks and SCADA systems for smart City infrastructures. J. King Saud University-Computer Inform. Sci. 35 (5), 101532 (2023).
Yang, Q., Liu, Y., Chen, T. & Tong, Y. Federated machine learning: concept and applications. ACM Trans. Intell. Syst. Technol. (TIST). 10 (2), 1–19 (2019).
Liu, Y., James, J. Q., Kang, J., Niyato, D. & Zhang, S. Privacy-preserving traffic flow prediction: A federated learning approach. IEEE Internet Things J. 7 (8), 7751–7763 (2020).
Li, T., Sahu, A. K., Talwalkar, A. & Smith, V. Federated learning: Challenges, methods, and future directions. IEEE. Signal. Process. Mag. 37 (3), 50–60 (2020).
Karimireddy, S. P. et al. Scaffold: Stochastic controlled averaging for federated learning. In International conference on machine learning 5132–5143 (PMLR, 2020).
Zhao, Y. et al. Federated learning with non-iid data. ArXiv Preprint https://abs/arXiv.org/180600582. (2018).
Konečný, J. et al. Federated learning: strategies for improving communication efficiency. ArXiv Preprint https://abs/arXiv .org/161005492. (2016).
Khan, I. A., Pi, D., Kamal, S., Alsuhaibani, M. & Alshammari, B. M. Federated-boosting: a Distributed and Dynamic boosting-powered cyber-attack Detection Scheme for Security and Privacy of Consumer IoT (IEEE Transactions on Consumer Electronics, 2024).
Khan, I. A. et al. Fed-inforce-fusion: A federated reinforcement-based fusion model for security and privacy protection of IoMT networks against cyber-attacks. Inform. Fusion. 101, 102002 (2024).
Khan, I. A. et al. A novel collaborative Sru network with dynamic behaviour aggregation, reduced communication overhead and explainable features. IEEE J. Biomedical Health Inf. 28 (6), 3228–3235 (2024).
Saheed, Y. K. & Misra, S. CPS-IoT-PPDNN: A new explainable privacy preserving DNN for resilient anomaly detection in Cyber-Physical Systems-enabled IoT networks Vol. 191, 115939 (Chaos, Solitons & Fractals, 2025).
Saheed, Y. K. & Chukwuere, J. E. CPS-IIoT-P2Attention: Explainable privacy-preserving with scaled dot-product attention in cyber physical system-industrial IoT network (IEEE Access, 2025).
Arora, S. & Anand, P. Binary butterfly optimization approaches for feature selection. Expert Syst. Appl. 116, 147–160 (2019).
Biamonte, J. et al. Quantum machine learning. Nature 549 (7671), 195–202 (2017).
Xie, M., Zhang, Y., Zhong, S. & Li, Q. Privacy-preserving quantum annealing for Quadratic Unconstrained Binary Optimization (QUBO) problems. In: 2024 IEEE International Conference on Quantum Computing and Engineering (QCE). 1, 1347–1353 (IEEE, 2024).
Larkin, J., Jonsson, M., Justice, D. & Guerreschi, G. G. Evaluation of QAOA based on the approximation ratio of individual samples. Quantum Sci. Technol. 7 (4), 045014 (2022).
Funding
Open access funding provided by Vellore Institute of Technology.
Author information
Authors and Affiliations
Contributions
Conceptualization, L.G.; methodology, R.S., L.G., T.K and S.G.; formal analysis, L.G., and S.G.; investigation, L.G., R.S., and T.K.; writing-original draft preparation, L.G., R.S., T.K., and S.G.; writing-review and editing, R.S., L.G., and T.K; visualization, R.S., and L.G.; supervision, L.G., and T.K.;. All authors have reviewed the manuscript.
Corresponding author
Ethics declarations
Competing interests
The authors declare no competing interests.
Ethical approval
All the author declares their ethics approval.
Consent for publication
All the author declares their consent for publication.
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License, which permits any non-commercial use, sharing, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if you modified the licensed material. You do not have permission under this licence to share adapted material derived from this article or parts of it. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by-nc-nd/4.0/.
About this article
Cite this article
Rohith, S., Logeswari, G., Tamilarasi, K. et al. A federated deep learning approach for SDN security with quantum optimized feature selection and hybrid MSDC net architecture. Sci Rep (2026). https://doi.org/10.1038/s41598-026-37289-1
Received:
Accepted:
Published:
DOI: https://doi.org/10.1038/s41598-026-37289-1
