Software‐defined networking security for private data center networks and clouds: Vulnerabilities, attacks, countermeasures, and solutions

Abdelrahman, Abdallah Mustafa; Rodrigues, Joel J. P. C.; Mahmoud, Mukhtar M. E.; Saleem, Kashif; Das, Ashok Kumar; Korotaev, Valery V.; Kozlov, Sergei A.

doi:10.1002/dac.4706

Cited by 32 publications

(20 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Network traffic is infected by a plethora of malware and security threats to be managed [1,2]. Security issues to be resolved and managed emanate from the complexity and vulnerability of the network architecture [3,4].…”

Section: Introductionmentioning

confidence: 99%

“…Security issues to be resolved and managed emanate from the complexity and vulnerability of the network architecture [3,4]. To protect the network, different preventive techniques such as Intrusion Detection Systems (IDSs) were implemented [1][2][3][4]. In essence, an IDS can be stratified as a network-based intrusion detection system (NIDS) that controls networking events such as firewall logs or netflow, and host-based intrusion detection system (HIDS), which monitors events related to the network such as systems logs [5].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

UGRansome1819: A Novel Dataset for Anomaly Detection and Zero-Day Threats

2021

View full text Add to dashboard Cite

This research attempts to introduce the production methodology of an anomaly detection dataset using ten desirable requirements. Subsequently, the article presents the produced dataset named UGRansome, created with up-to-date and modern network traffic (netflow), which represents cyclostationary patterns of normal and abnormal classes of threatening behaviours. It was discovered that the timestamp of various network attacks is inferior to one minute and this feature pattern was used to record the time taken by the threat to infiltrate a network node. The main asset of the proposed dataset is its implication in the detection of zero-day attacks and anomalies that have not been explored before and cannot be recognised by known threats signatures. For instance, the UDP Scan attack has been found to utilise the lowest netflow in the corpus, while the Razy utilises the highest one. In turn, the EDA2 and Globe malware are the most abnormal zero-day threats in the proposed dataset. These feature patterns are included in the corpus, but derived from two well-known datasets, namely, UGR’16 and ransomware that include real-life instances. The former incorporates cyclostationary patterns while the latter includes ransomware features. The UGRansome dataset was tested with cross-validation and compared to the KDD99 and NSL-KDD datasets to assess the performance of Ensemble Learning algorithms. False alarms have been minimized with a null empirical error during the experiment, which demonstrates that implementing the Random Forest algorithm applied to UGRansome can facilitate accurate results to enhance zero-day threats detection. Additionally, most zero-day threats such as Razy, Globe, EDA2, and TowerWeb are recognised as advanced persistent threats that are cyclostationary in nature and it is predicted that they will be using spamming and phishing for intrusion. Lastly, achieving the UGRansome balance was found to be NP-Hard due to real life-threatening classes that do not have a uniform distribution in terms of several instances.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

UGRansome1819: A Novel Dataset for Anomaly Detection and Zero-Day Threats

2021

View full text Add to dashboard Cite

show abstract

“…25 In recent years, security and privacy issues in SDN environment and other networking environments become very crucial. [25][26][27][28][29] We analyzed several security protocols designed for software-defined networking to ensure privacy and security. However, most of the protocols in the literature are susceptible to various attacks like ARP poisoning, DDoS, 1 insider attacks, impersonation, and replay attacks.…”

Section: Literature Surveymentioning

confidence: 99%

SDN‐chain: Privacy‐preserving protocol for software defined networks using blockchain

Shashidhara

Ahuja

Lajuvanthi

et al. 2021

Security and Privacy

Self Cite

View full text Add to dashboard Cite

Software-defined networking (SDN) is a programmable architecture for networking domain in which the security is provided by devising the network policies with the help of the network administrator. This is very cumbersome for the administrator to handle different attacks at various planes in SDN architecture. Blockchain can be used to prevent various attacks in SDN by providing a decentralization authentication environment. In this article, a secure Blockchain-based privacy-preserving protocol is proposed to thwart various security vulnerabilities in the SDN architecture. The proposed approach uses Modified-Delegated Proof of Stake as the consensus protocol to ensure safety and reliability in the network. Besides, a security protocol is designed using cryptographic primitives and analyzed using a detailed security analysis. Initially, the consensus protocols are implemented using solidity smart contracts and deployed to the public Blockchain using Ethereum. Consequently, the proposed approach is simulated on OMNet++ using INET framework. The experimental results show that the proposed SDN-Chain is secure, efficient, less incentive to centralize, and practically implementable in resource-limited wireless and mobile environments.

show abstract

“…There are instances in which the information is prevented from reaching its designated destination, leading to significant damage. [7] Malware Attacks Malware attacks are the most common form of security attacks in a computing environment, and the case is the same with SDNs. The list of malware that can hurt the SDNs is a long one that comprises various types such as viruses, Trojan horses, worms, logic bombs, and many more.…”

Section: Information Leakage and Lossmentioning

confidence: 99%

An Overview on SDN and NFV Security Orchestration in Cloud Network Environment

Aziz

Abdulqadder

2021

Cihan U Erbil SCI J

View full text Add to dashboard Cite

Cloud networks are being used in most industries and applications in the current era. Software-defined networking has come up as an alternative tool and mechanism to follow and implement in a cloud networking environment in place of the traditional networking approaches. This paper includes the security aspects of computer networking concerning the cloud networking environment and software-defined networks. The security risks and vulnerabilities have been listed and described in this work, and the measures that may be adapted to detect, prevent, and control the same. The use of figures, diagrams, and codes has been done as applicable.

show abstract

Software‐defined networking security for private data center networks and clouds: Vulnerabilities, attacks, countermeasures, and solutions

Cited by 32 publications

References 39 publications

UGRansome1819: A Novel Dataset for Anomaly Detection and Zero-Day Threats

UGRansome1819: A Novel Dataset for Anomaly Detection and Zero-Day Threats

SDN‐chain: Privacy‐preserving protocol for software defined networks using blockchain

An Overview on SDN and NFV Security Orchestration in Cloud Network Environment

Contact Info

Product

Resources

About