Detection of Flow Based Anomaly in OpenFlow Controller: Machine Learning Approach in Software Defined Networking

Samrat Kumar Dey, M. Rahman, Md. Raihan Uddin
{"title":"Detection of Flow Based Anomaly in OpenFlow Controller: Machine Learning Approach in Software Defined Networking","authors":"Samrat Kumar Dey, M. Rahman, Md. Raihan Uddin","doi":"10.1109/CEEICT.2018.8628105","DOIUrl":null,"url":null,"abstract":"Software Defined Networking (SDN) has come to prominence in recent years and demonstrates an enormous potential in shaping the future of networking by separating control plane from data plane. OpenFlow is the first and most widely used protocol that makes this separation possible in the first place. As a newly emerged technology, SDN has its inherent security threats that can be eliminated or at least mitigated by securing the OpenFlow controller that manages flow control in SDN. SDN provides us a chance to strengthen our network security by decoupling its control plane and data plane. At this level, there also exists some certain risk, which is associated with this technology. In this research, a flow based anomaly detection method in OpenFlow controller have been approached by using machine-learning algorithms in SDN architecture. In order to improve the classifier performance, some feature selection methods namely Info Gain, Gain Ratio, CFS Subset Evaluator, Symmetric Uncertainty, and Chi-square test have been applied as a processing of dataset. A full dataset of 41 features and a reduced dataset has experimented. A dataset with feature selection ensures the highest accuracy of nearly 82% with Random Forest classifier using Gain Ratio feature selection Evaluator. Experimental results ratify that machine-learning approach with feature selection method indices strong potential for the detection of flow based anomaly in OpenFlow controller.","PeriodicalId":417359,"journal":{"name":"2018 4th International Conference on Electrical Engineering and Information & Communication Technology (iCEEiCT)","volume":"123 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 4th International Conference on Electrical Engineering and Information & Communication Technology (iCEEiCT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CEEICT.2018.8628105","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 12

Abstract

Software Defined Networking (SDN) has come to prominence in recent years and demonstrates an enormous potential in shaping the future of networking by separating control plane from data plane. OpenFlow is the first and most widely used protocol that makes this separation possible in the first place. As a newly emerged technology, SDN has its inherent security threats that can be eliminated or at least mitigated by securing the OpenFlow controller that manages flow control in SDN. SDN provides us a chance to strengthen our network security by decoupling its control plane and data plane. At this level, there also exists some certain risk, which is associated with this technology. In this research, a flow based anomaly detection method in OpenFlow controller have been approached by using machine-learning algorithms in SDN architecture. In order to improve the classifier performance, some feature selection methods namely Info Gain, Gain Ratio, CFS Subset Evaluator, Symmetric Uncertainty, and Chi-square test have been applied as a processing of dataset. A full dataset of 41 features and a reduced dataset has experimented. A dataset with feature selection ensures the highest accuracy of nearly 82% with Random Forest classifier using Gain Ratio feature selection Evaluator. Experimental results ratify that machine-learning approach with feature selection method indices strong potential for the detection of flow based anomaly in OpenFlow controller.
OpenFlow控制器中基于流量的异常检测:软件定义网络中的机器学习方法
软件定义网络(SDN)近年来崭露头角,通过将控制平面与数据平面分离,在塑造未来网络方面显示出巨大的潜力。OpenFlow是第一个也是最广泛使用的协议,它首先使这种分离成为可能。作为一项新兴技术,SDN有其固有的安全威胁,可以通过保护SDN中管理流量控制的OpenFlow控制器来消除或至少减轻安全威胁。SDN通过将其控制平面和数据平面解耦,为我们提供了加强网络安全性的机会。在这个层面上,还存在一些与该技术相关的风险。本研究利用SDN架构下的机器学习算法,探讨了OpenFlow控制器中基于流量的异常检测方法。为了提高分类器的性能,采用了信息增益(Info Gain)、增益比(Gain Ratio)、CFS子集评估器(CFS子集评估器)、对称不确定性(Symmetric Uncertainty)和卡方检验等特征选择方法对数据集进行处理。一个包含41个特征的完整数据集和一个简化的数据集进行了实验。使用增益比特征选择评估器的随机森林分类器,具有特征选择的数据集确保了接近82%的最高准确率。实验结果表明,基于特征选择方法的机器学习方法在OpenFlow控制器中基于流量的异常检测方面具有很强的潜力。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信