{"title":"软件定义网络的无监督攻击检测方法","authors":"Ravin Chouhan, M. Atulkar, N. K. Nagwani","doi":"10.1109/ICAISS55157.2022.10010577","DOIUrl":null,"url":null,"abstract":"Software Defined Networking (SDN) is quickly becoming a vital technology for the future Internet. SDN provides a worldwide network with the capacity to manage network traffic dynamically. One of the main advantages of SDN over traditional networks is that it provides better network security due to centralised control. However, the flexibility offered by SDN architecture raises several additional network security concerns that must be addressed to improve SDN network security. This study proposes an unsupervised learning method to address attacks in the SDN controller. 7 extracted features from southbound traffic have been used to train KMeans, MeanShift, Density-Based Spatial Clustering of Applications with Noise (DBSCAN), AgglomerativeClustering, Balanced Iterative Reducing and Clustering using Hierarchies (BIRCH), MiniBatchKMeans, Ordering Points To Identify Cluster Structure (OPTICS), and SpectralClustering, which are all well-known unsupervised classifiers. In terms of various well-known performance measuring criteria, such as Silhouette Score (SS), Calinski Harabasz Index (CHI), and Davies Bouldin Index (DBI), BIRCH outperforms all other classifiers.","PeriodicalId":243784,"journal":{"name":"2022 International Conference on Augmented Intelligence and Sustainable Systems (ICAISS)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"An Unsupervised Attack Detection Approach for Software Defined Networks\",\"authors\":\"Ravin Chouhan, M. Atulkar, N. K. Nagwani\",\"doi\":\"10.1109/ICAISS55157.2022.10010577\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software Defined Networking (SDN) is quickly becoming a vital technology for the future Internet. SDN provides a worldwide network with the capacity to manage network traffic dynamically. One of the main advantages of SDN over traditional networks is that it provides better network security due to centralised control. However, the flexibility offered by SDN architecture raises several additional network security concerns that must be addressed to improve SDN network security. This study proposes an unsupervised learning method to address attacks in the SDN controller. 7 extracted features from southbound traffic have been used to train KMeans, MeanShift, Density-Based Spatial Clustering of Applications with Noise (DBSCAN), AgglomerativeClustering, Balanced Iterative Reducing and Clustering using Hierarchies (BIRCH), MiniBatchKMeans, Ordering Points To Identify Cluster Structure (OPTICS), and SpectralClustering, which are all well-known unsupervised classifiers. In terms of various well-known performance measuring criteria, such as Silhouette Score (SS), Calinski Harabasz Index (CHI), and Davies Bouldin Index (DBI), BIRCH outperforms all other classifiers.\",\"PeriodicalId\":243784,\"journal\":{\"name\":\"2022 International Conference on Augmented Intelligence and Sustainable Systems (ICAISS)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-11-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 International Conference on Augmented Intelligence and Sustainable Systems (ICAISS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICAISS55157.2022.10010577\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Augmented Intelligence and Sustainable Systems (ICAISS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICAISS55157.2022.10010577","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
摘要
软件定义网络(SDN)正迅速成为未来互联网的一项重要技术。SDN为全球网络提供了动态管理网络流量的能力。SDN相对于传统网络的主要优势之一是由于集中控制,它提供了更好的网络安全性。然而,SDN架构提供的灵活性提出了几个额外的网络安全问题,必须解决这些问题才能提高SDN网络的安全性。本研究提出一种无监督学习方法来解决SDN控制器中的攻击。从南行交通中提取的特征被用于训练KMeans、MeanShift、基于密度的空间聚类(DBSCAN)、agglomerativecluclustering、平衡迭代约简和分层聚类(BIRCH)、MiniBatchKMeans、排序点识别聚类结构(OPTICS)和频谱聚类,这些都是众所周知的无监督分类器。根据各种众所周知的性能测量标准,如Silhouette Score (SS), Calinski Harabasz Index (CHI)和Davies Bouldin Index (DBI), BIRCH优于所有其他分类器。
An Unsupervised Attack Detection Approach for Software Defined Networks
Software Defined Networking (SDN) is quickly becoming a vital technology for the future Internet. SDN provides a worldwide network with the capacity to manage network traffic dynamically. One of the main advantages of SDN over traditional networks is that it provides better network security due to centralised control. However, the flexibility offered by SDN architecture raises several additional network security concerns that must be addressed to improve SDN network security. This study proposes an unsupervised learning method to address attacks in the SDN controller. 7 extracted features from southbound traffic have been used to train KMeans, MeanShift, Density-Based Spatial Clustering of Applications with Noise (DBSCAN), AgglomerativeClustering, Balanced Iterative Reducing and Clustering using Hierarchies (BIRCH), MiniBatchKMeans, Ordering Points To Identify Cluster Structure (OPTICS), and SpectralClustering, which are all well-known unsupervised classifiers. In terms of various well-known performance measuring criteria, such as Silhouette Score (SS), Calinski Harabasz Index (CHI), and Davies Bouldin Index (DBI), BIRCH outperforms all other classifiers.