Abstract
Software Defined Networking is an emerging architecture which focuses on the role of software to manage computer networks. Software Defined Networks (SDNs) introduce several mechanisms to detect specific types of attacks such as Denial of Service (DoS). Nevertheless, they are vulnerable to similar attacks that occur in traditional networks, such as the attacks that target control and data plane. Several techniques are proposed to handle the security vulnerabilities in SDNs. However, it is fairly challenging to create attack signatures, scenarios, or even intrusion detection rules that are applicable to dynamic environments such SDNs. This paper introduces a new approach to identify attacks on SDNs that uses: (1) similarity with existing attacks that target traditional networks, (2) an inference mechanism to avoid false positives and negatives during the prediction process, and (3) a packet aggregation technique which aims at creating attack signatures and use them to predict attacks on SDNs. We validated our approach on two datasets and showed that it yields promising results.
Original language | English (US) |
---|---|
Pages (from-to) | 152-164 |
Number of pages | 13 |
Journal | Journal of Network and Computer Applications |
Volume | 80 |
DOIs | |
State | Published - Feb 15 2017 |
Externally published | Yes |
Keywords
- Graph mining, Denial of service attacks
- Information security
- Intrusion detection
- Security architecture
- Software defined networks
ASJC Scopus subject areas
- Hardware and Architecture
- Computer Science Applications
- Computer Networks and Communications