A survey and classification of the security anomaly detection mechanisms in software defined networks

Jafarian, Tohid; Màsdàrí, Mohàmmàd; Ghaffari, Ali; Majidzadeh, Kambiz

doi:10.1007/s10586-020-03184-1

Cited by 45 publications

(17 citation statements)

References 79 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…During the operation of the virtual machine, the user can initiate a trusted authentication request at any time and can also require the certifier to regularly feed back the reliability measurement results. erefore, different request cycles will lead to different frequencies of credibility measurement [19]. In order to test the performance impact of the virtual machine under different trusted measurement frequencies, we run different benchmark test sets in the virtual machine and initiate periodic trusted authentication requests through users at different frequencies.…”

Section: Results Analysismentioning

confidence: 99%

Design and Implementation of Cloud Computing Network Security Virtual Computing and Defense Technology

Cheng¹

2022

Security and Communication Networks

View full text Add to dashboard Cite

In order to improve the defense effect in network security, a research and implementation method of cloud computing network security virtual computing and defense technology is proposed. This architecture makes full use of the structural advantages of the virtualized environment, which can realize the trusted measurement of the user’s virtual machine in a more reliable way and can support the user’s diverse authentication requests. This paper introduces the concept of cloud computing, the classification of cloud computing, and the characteristics of cloud computing network security. In the case of fully considering the coupling relationship between the physical network and the logical network, the topology of the cloud computing network is established, and based on the network topology, the relevant network theory is used to analyze the cloud computing network. The avalanche failure under the computing network is studied. The research results show that the relative performance under different trusted measurement periods can reach more than 97%, which can flexibly meet the needs of user trusted authentication and can effectively provide trusted protection for user virtual machines. Adding additional protection measures to some special nodes in the cloud computing network topology to ensure that they are not damaged when attacked can greatly improve the robustness of the entire cloud computing network topology, therby ensuring that the network can avoid the attack. A large area will not be paralyzed due to the avalanche effect, and at the same time, the function and topology of the network itself have not changed. This method can effectively improve the security protection effect in network security.

show abstract

Section: Results Analysismentioning

confidence: 99%

Design and Implementation of Cloud Computing Network Security Virtual Computing and Defense Technology

Cheng¹

2022

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…The primary objective of IDS systems is to monitor traffic patterns for sudden and unexpected changes in traffic or other network traffic conditions [13].…”

Section: Related Workmentioning

confidence: 99%

A study on IDS system based on Hedge Algebras to detect DDOS attack in IoT systems

Hoang

2022

Preprint

View full text Add to dashboard Cite

In recent years, we have experienced the rapid and beneficial development of IoT solutions throughout all aspects of life. In addition to the obvious advantages, the increase in the number and variety of devices has resulted in more challenges on security issues. The DDOS attack, which originates from a broad range of sources and is a significant challenge for IoT systems, is one of the most prevalent but devastating attacks. IoT devices are typically simple and have few computing resources, putting them at risk of being infected devices and attackers. IDS intrusion detection systems are regarded to be the foremost line of protection against DDOS attacks. Therefore, the IDS system attracts many researchers and implements intelligent techniques such as machine learning and fuzzy logic to detect these DDOS attacks quickly and precisely. Along with the approach of intelligent computation, this study presents a novel technique for detecting DDOS attacks based on hedge algebra, which has never been implemented on IDS systems. We use the PSO swarm optimization algorithm to optimize the proposed model’s parameters for optimized performance. Our experiment on the IoT-23 dataset shows that the proposed model’s accuracy and performance metrics for DDOS attack detection are better than those proposed by other previous authors.

show abstract

“…Therefore, it is essential to develop a modern IDS that handles security issues in an SDN framework and is suitable for large-scale networks. IDS is categorised into two types: signature-based and anomaly-based [3]. Signature-based IDSs identifies as misuse detection or knowledge-based detection.…”

Section: Introductionmentioning

confidence: 99%

Overhead Reduction Technique for Software-Defined Network Based Intrusion Detection Systems

2022

View full text Add to dashboard Cite

In Software-Defined Networks, the Intrusion Detection System is receiving growing attention, due to the expansion of the internet and cloud storage. This system is vital for institutions that use cloud services and have many users. Although the Intrusion Detection System offers several security features, its performance is lagging behind in large enterprise's networks. Existing approaches are based on centralised processing and use many features to implement a protection system. Therefore, system overload and poor performance occur at the controller and OpenFlow switches. As a result, the current solutions create issues that must be considered, especially when they are implemented on large networks. Furthermore, enhancements in security applications improve the reliability of networks. Following a literature review of the existing Intrusion Detection Systems, this paper presents a new model that offers decentralised processing and exchanges data over a trusted, independent channel, in order to solve issues relating to system overload and poor performance. Our model utilises an appropriate feature selection method to reduce the number of extracted features and minimise the data transmitted over the channels. Additionally, the Naive Bayes algorithm has been employed for flow classification purposes, since it is a fast classifier. We successfully implemented our framework, using the Mininet emulator, which provides a suitable networking environment. Evaluations indicates that our proposed system can detect various attacks with an accuracy of 98.46% and nominal decreasing rates of 1.5% in throughput and 0.7% in latency analyses, when the model is implemented in wide range networks.

show abstract

A survey and classification of the security anomaly detection mechanisms in software defined networks

Cited by 45 publications

References 79 publications

Design and Implementation of Cloud Computing Network Security Virtual Computing and Defense Technology

Design and Implementation of Cloud Computing Network Security Virtual Computing and Defense Technology

A study on IDS system based on Hedge Algebras to detect DDOS attack in IoT systems

Overhead Reduction Technique for Software-Defined Network Based Intrusion Detection Systems

Contact Info

Product

Resources

About