Revisiting Traffic Anomaly Detection Using Software Defined Networking

Mehdi, Syed Akbar; Khalid, Junaid; Khayam, Syed Ali

doi:10.1007/978-3-642-23644-0_9

Cited by 272 publications

(171 citation statements)

References 9 publications

Supporting

Mentioning

164

Contrasting

Unclassified

Order By: Relevance

“…Perhaps we also need to shift research focus back to traffic analysis and malware detection techniques. The new paradigm of software-defined networking (SDN) may hold some promise: there is already research suggesting SDN assists significantly in detecting malwarerelated anomalies at the network level [35].…”

Section: Discussionmentioning

confidence: 99%

ZombieCoin: Powering Next-Generation Botnets with Bitcoin

Ali

McCorry

Lee

et al. 2015

Financial Cryptography and Data Security

View full text Add to dashboard Cite

Abstract. Botnets are the preeminent source of online crime and arguably the greatest threat to the Internet infrastructure. In this paper, we present ZombieCoin, a botnet command-and-control (C&C) mechanism that runs on the Bitcoin network. ZombieCoin offers considerable advantages over existing C&C techniques, most notably the fact that Bitcoin is designed to resist the very regulatory processes currently used to combat botnets. We believe this is a desirable avenue botmasters may explore in the near future and our work is intended as a first step towards devising effective countermeasures.

show abstract

Section: Discussionmentioning

confidence: 99%

ZombieCoin: Powering Next-Generation Botnets with Bitcoin

Ali

McCorry

Lee

et al. 2015

Financial Cryptography and Data Security

View full text Add to dashboard Cite

show abstract

“…Shin and Gu in [18] presented a very similar design focused on SDN in the cloud. In [19], they proposed using SDN to provide intrusion detection in a small office/home. The opportunity for the improvement and simplification of system security using the SDN architecture is manifested in this body of research.…”

Section: Previous Research On Sdnmentioning

confidence: 99%

FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing

et al. 2016

View full text Add to dashboard Cite

Software Defined Networking (SDN) has brought many changes in terms of the interaction processes between systems and humans. It has become the key enabler of software defined architecture, which allows enterprises to build a highly agile Information Technology (IT) infrastructure. For Future Sustainability Computing (FSC), SDN needs to deliver on many information technology commitments-more automation, simplified design, increased agility, policy-based management, and network management bond to more liberal IT workflow systems. To address the sustainability problems, SDN needs to provide greater collaboration and tighter integration with networks, servers, and security teams that will have an impact on how enterprises design, plan, deploy and manage networks. In this paper, we propose FS-OpenSecurity, which is a new and pragmatic security architecture model. It consists of two novel methodologies, Software Defined Orchestrator (SDO) and SQUEAK, which offer a robust and secure architecture. The secure architecture is required for protection from diverse threats. Usually, security administrators need to handle each threat individually. However, handling threats automatically by adapting to the threat landscape is a critical demand. Therefore, the architecture must handle defensive processes automatically that are collaboratively based on intelligent external and internal information.

show abstract

“…SnortFlow [72] is an extension to Snort with SDN capabilities that enables the detection of intrusions and malicious activities in cloud environments. Detection mechanisms are traditionally based on Machine Learning [86], Signatures [87] and Entropy [88]. Shin et al [81] group several security needs and deliver a complete framework for security implementation, sharing and composition of detection modules and mitigation in a SDN.…”

Section: Securitymentioning

confidence: 99%

“…According to Mehdi et al [87], the deployment of an anomaly detection system in the traditional network core is difficult mainly due to the low detection rate that these systems can provide with limited network information. In SDN, however, the control plane has a comprehensive view of the network, which facilitates the implementation of detection mechanisms.…”

Section: Ddos Attacksmentioning

confidence: 99%

See 1 more Smart Citation

Resilience support in software-defined networking: A survey

et al. 2015

View full text Add to dashboard Cite

Software-Defined Networking (SDN) is an architecture for computer networking that provides a clear separation between network control functions and forwarding operations. The abstractions supported by this architecture are intended to simplify the implementation of several tasks that are critical to network operation, such as routing and network management. Computer networks have an increasingly important societal role, requiring them to be resilient to a range of challenges. Previously, research into network resilience has focused on the mitigation of several types of challenges, such as natural disasters and attacks. Capitalising on its benefits, including increased programmability and a clearer separation of concerns, significant attention has recently focused on the development of resilience mechanisms that use software-defined networking approaches. In this article, we present a survey that provides a structured overview of the resilience support that currently exists in this important area. We categorize the most recent research on this topic with respect to a number of resilience disciplines. Additionally, we discuss the lessons learned from this investigation, highlight the main challenges faced by SDNs moving forward, and outline the research trends in terms of solutions to mitigate these challenges . 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 This article presents a survey on the support for network resilience in SoftwareDefined Networking (SDN). This has been the subject of intense investigation by the academic and industrial community in the past few years, as evidenced by the number of papers included in our survey (159 references in total). Capitalizing on the benefits of SDN, including increased programmability and a clearer separation of concerns, significant attention has recently focused on the development of resilience mechanisms that use software-defined networking approaches. Thus, a wide range of solutions to classical network problems have been revisited using this architecture, but many problems continue to be challenging.Our survey investigates the resilience support that currently exists in this important area, and categorizes the most recent research on this topic with respect to a number of resilience disciplines. Additionally, we discuss the lessons learned from this investigation, highlight the main challenges faced by SDNs moving forward, and outline the research trends in terms of solutions to mitigate these challenges. The aim of the survey is to offer to the reader a structured view of network resilience in the SDN spectrum, and how resilience aspects are supported in these architectures.We believe that this subject material is closely aligned with the objectives of the journal. Please be assured that:1. This paper has not been published or accepted for publication w...

show abstract

Revisiting Traffic Anomaly Detection Using Software Defined Networking

Cited by 272 publications

References 9 publications

ZombieCoin: Powering Next-Generation Botnets with Bitcoin

ZombieCoin: Powering Next-Generation Botnets with Bitcoin

FS-OpenSecurity: A Taxonomic Modeling of Security Threats in SDN for Future Sustainable Computing

Resilience support in software-defined networking: A survey

Contact Info

Product

Resources

About