دورية أكاديمية
Fast Defense System Against Attacks in Software Defined Networks
| العنوان: | Fast Defense System Against Attacks in Software Defined Networks |
|---|---|
| المؤلفون: | Marcos V.O. De Assis, Matheus P. Novaes, Cinara B. Zerbini, Luiz F. Carvalho, Taufik Abrao, Mario L. Proenca |
| المصدر: | IEEE Access, Vol 6, Pp 69620-69639 (2018) |
| بيانات النشر: | IEEE, 2018. |
| سنة النشر: | 2018 |
| المجموعة: | LCC:Electrical engineering. Electronics. Nuclear engineering |
| مصطلحات موضوعية: | DDoS, DWT, MLP, port scan, PSO, SDN, Electrical engineering. Electronics. Nuclear engineering, TK1-9971 |
| الوصف: | With the ever-growing data traffic in computer networks nowadays, the management of large-scale networks is a challenge for guaranteeing the quality of the provided services. This is due to the increasingly usage of connected applications, such as Internet of Things and cloud computing environments. Software-defined networking (SDN) is a new paradigm that aims to make this management process easier by centralizing the configuration of all network devices into a single programmable central controller. However, as any centralized service, this architecture is susceptible to security vulnerabilities, such as distributed denial of service (DDoS) and port scan attacks. Thus, security methods are necessary to guarantee the normal operation of SDN's central controller. Furthermore, networks are transporting an increasingly amount of information day by day, which could mean data loss in case of long network unavailability. For this reason, security mechanisms must operate online, with fast-responding countermeasures to mitigate the impact of the detected attacks over the SDN. In this paper, we present a fast SDN defense system against DDoS and port scan attacks, which runs directly into the central controller and uses a game theoretical approach for attack mitigation. For the detection, we compare three different approaches, particle swarm optimization, multi-layer perceptron neural network, and discrete wavelet transform. We test our approach over IP flow data generated over Mininet network emulator, along with floodlight controller, and the presented defense system achieved good outcomes for both detection and mitigation processes. |
| نوع الوثيقة: | article |
| وصف الملف: | electronic resource |
| اللغة: | English |
| تدمد: | 2169-3536 53162250 |
| Relation: | https://ieeexplore.ieee.org/document/8514012/; https://doaj.org/toc/2169-3536 |
| DOI: | 10.1109/ACCESS.2018.2878576 |
| URL الوصول: | https://doaj.org/article/53162250ecc247099010438d2b812b23 |
| رقم الأكسشن: | edsdoj.53162250ecc247099010438d2b812b23 |
| قاعدة البيانات: | Directory of Open Access Journals |
Full Text Finder | تدمد: | 21693536 53162250 |
|---|---|
| DOI: | 10.1109/ACCESS.2018.2878576 |