当前位置:
X-MOL 学术
›
Int. J. Commun. Syst.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Security anomaly detection in software‐defined networking based on a prediction technique
International Journal of Communication Systems ( IF 2.1 ) Pub Date : 2020-07-22 , DOI: 10.1002/dac.4524 Tohid Jafarian 1 , Mohammad Masdari 1 , Ali Ghaffari 2 , Kambiz Majidzadeh 1
International Journal of Communication Systems ( IF 2.1 ) Pub Date : 2020-07-22 , DOI: 10.1002/dac.4524 Tohid Jafarian 1 , Mohammad Masdari 1 , Ali Ghaffari 2 , Kambiz Majidzadeh 1
Affiliation
|
Nowadays, software‐defined networking (SDN) is regarded as the best solution for the centralized handling and monitoring of large networks. However, it should be noted that SDN architecture suffers from the same security issues, which are the case with common networks. As a case in point, one of the shortcomings of SDNs is related to its high vulnerability to distributed denial of service (DDoS) attacks and other similar ones. Indeed, anomaly detection systems have been considered to deal with these attacks. The challenges are related to designing these systems including gathering data, extracting effective features, and selecting the best model for anomaly detection. In this paper, a novel combined approach is proposed; this method uses NetFlow protocol for gathering information and generating dataset, information gain ratio (IGR), in order to select the effective and relevant features and ensemble learning scheme (Stacking) for developing a structure with desirable performance and efficiency for detecting anomaly in SDN environment. The results obtained from the experiments revealed that the proposed method performs better than other methods in terms of enhancing accuracy (AC) and detection rate (DR) and reducing classification error (CE) and false alarm rate (FAR). The AC, DR, CE, and FAR of the proposed model were measured as 99.92%, 99.83%, 0.08%, and 0.03%, respectively. Furthermore, the proposed method prevents the occurrence of excessive overload on the controller and OpenFlow.
中文翻译:
基于预测技术的软件定义网络中的安全异常检测
如今,软件定义网络(SDN)被认为是集中处理和监视大型网络的最佳解决方案。但是,应该注意的是,SDN体系结构也遭受相同的安全问题,常见网络就是这种情况。例如,SDN的缺点之一与它对分布式拒绝服务(DDoS)攻击和其他类似攻击的高度脆弱性有关。实际上,已经考虑使用异常检测系统来应对这些攻击。这些挑战与设计这些系统有关,包括收集数据,提取有效特征以及选择最佳模型进行异常检测。本文提出了一种新颖的组合方法。该方法使用NetFlow协议收集信息并生成数据集,信息增益比(IGR),为了选择有效和相关的特征以及集成学习方案(堆栈),以开发一种具有理想性能和效率的结构来检测SDN环境中的异常。从实验中获得的结果表明,该方法在提高准确度(AC)和检测率(DR)以及减少分类错误(CE)和误报率(FAR)方面表现优于其他方法。建议模型的AC,DR,CE和FAR分别为99.92%,99.83%,0.08%和0.03%。此外,所提出的方法防止在控制器和OpenFlow上发生过度的过载。从实验中获得的结果表明,该方法在提高准确度(AC)和检测率(DR)以及减少分类错误(CE)和误报率(FAR)方面表现优于其他方法。建议模型的AC,DR,CE和FAR分别测量为99.92%,99.83%,0.08%和0.03%。此外,所提出的方法防止在控制器和OpenFlow上发生过度的过载。从实验中获得的结果表明,该方法在提高准确度(AC)和检测率(DR)以及减少分类错误(CE)和误报率(FAR)方面表现优于其他方法。建议模型的AC,DR,CE和FAR分别为99.92%,99.83%,0.08%和0.03%。此外,所提出的方法防止在控制器和OpenFlow上发生过度的过载。
更新日期:2020-07-22
中文翻译:
基于预测技术的软件定义网络中的安全异常检测
如今,软件定义网络(SDN)被认为是集中处理和监视大型网络的最佳解决方案。但是,应该注意的是,SDN体系结构也遭受相同的安全问题,常见网络就是这种情况。例如,SDN的缺点之一与它对分布式拒绝服务(DDoS)攻击和其他类似攻击的高度脆弱性有关。实际上,已经考虑使用异常检测系统来应对这些攻击。这些挑战与设计这些系统有关,包括收集数据,提取有效特征以及选择最佳模型进行异常检测。本文提出了一种新颖的组合方法。该方法使用NetFlow协议收集信息并生成数据集,信息增益比(IGR),为了选择有效和相关的特征以及集成学习方案(堆栈),以开发一种具有理想性能和效率的结构来检测SDN环境中的异常。从实验中获得的结果表明,该方法在提高准确度(AC)和检测率(DR)以及减少分类错误(CE)和误报率(FAR)方面表现优于其他方法。建议模型的AC,DR,CE和FAR分别为99.92%,99.83%,0.08%和0.03%。此外,所提出的方法防止在控制器和OpenFlow上发生过度的过载。从实验中获得的结果表明,该方法在提高准确度(AC)和检测率(DR)以及减少分类错误(CE)和误报率(FAR)方面表现优于其他方法。建议模型的AC,DR,CE和FAR分别测量为99.92%,99.83%,0.08%和0.03%。此外,所提出的方法防止在控制器和OpenFlow上发生过度的过载。从实验中获得的结果表明,该方法在提高准确度(AC)和检测率(DR)以及减少分类错误(CE)和误报率(FAR)方面表现优于其他方法。建议模型的AC,DR,CE和FAR分别为99.92%,99.83%,0.08%和0.03%。此外,所提出的方法防止在控制器和OpenFlow上发生过度的过载。
京公网安备 11010802027423号