Network-Wide Localization of Optical-Layer Attacks

Furdek, Marija; Chan, Vincent W. S.; Natalino, Carlos; Wosinska, Lena

doi:10.1007/978-3-030-38085-4_27

Cited by 2 publications

(3 citation statements)

References 14 publications

(17 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…When AttSyns are unique for all attack scenarios, the harmful connection that caused the attack can be deduced from the subset of affected connections. Otherwise, additional security monitors or monitoring probes, whose resource-minimizing design was proposed in [33], are necessary to provide AttSyn disambiguation.…”

Section: B Optical Network Security Managementmentioning

confidence: 99%

“…Initially, only connections C 1 and C 2 are present in the network. If we consider an attack scenario where user connections registered in the system (i.e., C 1 or C 2 in the example) can become the source of an attack (e.g., by tampering with their power levels) and affect any other connections they share links with, the AttSyns are formed for each connection as the attack source, as shown in Fig.4b [32], [33]. In the AttSyn table, the rows match the attack source, while the columns correspond to the resulting degradation of each connection.…”

Section: Attack Source Localizationmentioning

confidence: 99%

See 1 more Smart Citation

Machine Learning for Optical Network Security Monitoring: A Practical Perspective

Furdek

Natalino

Lipp³

et al. 2020

J. Lightwave Technol.

Self Cite

View full text Add to dashboard Cite

In order to accomplish cost-efficient management of complex optical communication networks, operators are seeking automation of network diagnosis and management by means of Machine Learning (ML). To support these objectives, new functions are needed to enable cognitive, autonomous management of optical network security. This paper focuses on the challenges related to the performance of ML-based approaches for detection and localization of optical-layer attacks, and to their integration with standard Network Management Systems (NMSs). We propose a framework for cognitive security diagnostics that comprises an attack detection module with Supervised Learning (SL), Semi-Supervised Learning (SSL) and Unsupervised Learning (UL) approaches, and an attack localization module that deduces the location of a harmful connection and/or a breached link. The influence of false positives and false negatives is addressed by a newly proposed Window-based Attack Detection (WAD) approach. We provide practical implementation guidelines for the integration of the framework into the NMS and evaluate its performance in an experimental network testbed subjected to attacks, resulting with the largest optical-layer security experimental dataset reported to date.

show abstract

Section: B Optical Network Security Managementmentioning

confidence: 99%

Section: Attack Source Localizationmentioning

confidence: 99%

Machine Learning for Optical Network Security Monitoring: A Practical Perspective

Furdek

Natalino

Lipp³

et al. 2020

J. Lightwave Technol.

Self Cite

View full text Add to dashboard Cite

show abstract

“…In addition to the examples of approaches for detecting the presence of physical-layer breaches summarized in Sec. 1, an approach for localization of high-power jamming signals can be found in [26], while [15,27] describe a framework for attack monitoring probe design to aid localization of harmful connections and/or breached links.…”

Section: Optical Layer Security In Evolving Network Operation a Network Security Management Frameworkmentioning

confidence: 99%

Optical network security management: requirements, architecture, and efficient machine learning models for detection of evolving threats [Invited]

Furdek

Natalino

Giglio

et al. 2020

J. Opt. Commun. Netw.

Self Cite

View full text Add to dashboard Cite

As the communication infrastructure that sustains critical societal services, optical networks need to function in a secure and agile way. Thus, cognitive and automated security management functionalities are needed, fueled by the proliferating Machine Learning (ML) techniques and compatible with common network control entities and procedures. Automated management of optical network security requires advancements both in terms of performance and efficiency of ML approaches for security diagnostics, as well as novel management architectures and functionalities. This paper tackles these challenges by proposing a novel functional block called Security Operation Center (SOC), describing its architecture, specifying key requirements on the supported functionalities and providing guidelines on its integration with optical layer controller. Moreover, to boost efficiency of ML-based security diagnostic techniques when processing high-dimensional optical performance monitoring data in the presence of previously unseen physical-layer attacks, we combine unsupervised and semi-supervised learning techniques with three different dimensionality reduction methods and analyze the resulting performance and trade-offs between ML accuracy and run time complexity.

show abstract

Network-Wide Localization of Optical-Layer Attacks

Cited by 2 publications

References 14 publications

Machine Learning for Optical Network Security Monitoring: A Practical Perspective

Machine Learning for Optical Network Security Monitoring: A Practical Perspective

Optical network security management: requirements, architecture, and efficient machine learning models for detection of evolving threats [Invited]

Contact Info

Product

Resources

About