Software defined network and graph neural network-based anomaly detection scheme for high speed networks

Cyber Security and Applications Pub Date : 2024-11-30 DOI:10.1016/j.csa.2024.100079

Archan Dadhania , Poojan Dave , Jitendra Bhatia , Rachana Mehta , Malaram Kumhar , Sudeep Tanwar , Abdulatif Alabdulatif

{"title":"Software defined network and graph neural network-based anomaly detection scheme for high speed networks","authors":"Archan Dadhania , Poojan Dave , Jitendra Bhatia , Rachana Mehta , Malaram Kumhar , Sudeep Tanwar , Abdulatif Alabdulatif","doi":"10.1016/j.csa.2024.100079","DOIUrl":null,"url":null,"abstract":"<div><div>In recent years, the proliferation of Software-Defined Networking (SDN) has revolutionized network management and operation. However, with SDN’s increased connectivity and dynamic nature, security threats like Denial-of-Service (DoS) attacks have also evolved, posing significant challenges to network administrators. This research uses the GraphSAGE algorithm to improve DoS attack detection using SDN and Graph Neural Network (GNN) to address the abovementioned problems. The study further explores the effectiveness of four anomaly detection techniques - Histogram-Based Outlier Score (HBOS), Cluster-Based Local Outlier Factor (CBLOF), Isolation Forest (IF), and Principal Component Analysis (PCA) - to identify and mitigate potential DoS attacks accurately. Through extensive experimentation and evaluation, the proposed framework achieves an better accuracy of detecting the anomalies than one without GraphSAGE model underscoring its potential to strengthen the security of SDN architectures against DoS attacks.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100079"},"PeriodicalIF":0.0000,"publicationDate":"2024-11-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cyber Security and Applications","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2772918424000456","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In recent years, the proliferation of Software-Defined Networking (SDN) has revolutionized network management and operation. However, with SDN’s increased connectivity and dynamic nature, security threats like Denial-of-Service (DoS) attacks have also evolved, posing significant challenges to network administrators. This research uses the GraphSAGE algorithm to improve DoS attack detection using SDN and Graph Neural Network (GNN) to address the abovementioned problems. The study further explores the effectiveness of four anomaly detection techniques - Histogram-Based Outlier Score (HBOS), Cluster-Based Local Outlier Factor (CBLOF), Isolation Forest (IF), and Principal Component Analysis (PCA) - to identify and mitigate potential DoS attacks accurately. Through extensive experimentation and evaluation, the proposed framework achieves an better accuracy of detecting the anomalies than one without GraphSAGE model underscoring its potential to strengthen the security of SDN architectures against DoS attacks.

查看原文本刊更多论文

基于软件定义网络和图神经网络的高速网络异常检测方案

近年来，软件定义网络（SDN）的普及给网络管理和运营带来了革命性的变化。然而，随着SDN的连接性和动态性的增加，拒绝服务（DoS）攻击等安全威胁也在不断发展，给网络管理员带来了重大挑战。本研究使用GraphSAGE算法改进DoS攻击检测，采用SDN和图神经网络（GNN）来解决上述问题。该研究进一步探讨了四种异常检测技术的有效性-基于直方图的异常值评分（HBOS），基于聚类的局部异常值因子（CBLOF），隔离森林（IF）和主成分分析(PCA) -准确识别和减轻潜在的DoS攻击。通过广泛的实验和评估，所提出的框架比没有GraphSAGE模型的框架在检测异常方面具有更好的准确性，强调了其增强SDN架构抵御DoS攻击的安全性的潜力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Cyber Security and Applications

CiteScore

5.20

自引率

0.00%

发文量