{"title":"一种检测SDN交换机DoS攻击的机器学习方法","authors":"T. Abhiroop, Sarath Babu, B. S. Manoj","doi":"10.1109/NCC.2018.8600196","DOIUrl":null,"url":null,"abstract":"Software Defined Networking (SDN) breaks the vertical integration of existing Internet architecture and makes the network programmable from a logically centralized control point. Even though the centralized network control provides several advantages, attacks toward SDN framework remain as a challenge. In this paper, we propose a method based on machine learning to detect Denial of Service (DoS) attack in data plane devices, i.e., the OpenFlow switches, resulting from flow-table overflow. We created an SDN dataset using Mininet and features are extracted from switch-controller communication trace as well as flow-table snapshots of OpenFlow switches. Further, we use three algorithms, (i) Neural Network, (ii) Support Vector Machines, and (iii) Naive Bayes, to classify the network to either malicious or benign. The results show that neural network and Naive Bayes provide 100% accuracy with the extracted features.","PeriodicalId":121544,"journal":{"name":"2018 Twenty Fourth National Conference on Communications (NCC)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"A Machine Learning Approach for Detecting DoS Attacks in SDN Switches\",\"authors\":\"T. Abhiroop, Sarath Babu, B. S. Manoj\",\"doi\":\"10.1109/NCC.2018.8600196\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software Defined Networking (SDN) breaks the vertical integration of existing Internet architecture and makes the network programmable from a logically centralized control point. Even though the centralized network control provides several advantages, attacks toward SDN framework remain as a challenge. In this paper, we propose a method based on machine learning to detect Denial of Service (DoS) attack in data plane devices, i.e., the OpenFlow switches, resulting from flow-table overflow. We created an SDN dataset using Mininet and features are extracted from switch-controller communication trace as well as flow-table snapshots of OpenFlow switches. Further, we use three algorithms, (i) Neural Network, (ii) Support Vector Machines, and (iii) Naive Bayes, to classify the network to either malicious or benign. The results show that neural network and Naive Bayes provide 100% accuracy with the extracted features.\",\"PeriodicalId\":121544,\"journal\":{\"name\":\"2018 Twenty Fourth National Conference on Communications (NCC)\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 Twenty Fourth National Conference on Communications (NCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NCC.2018.8600196\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 Twenty Fourth National Conference on Communications (NCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NCC.2018.8600196","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Machine Learning Approach for Detecting DoS Attacks in SDN Switches
Software Defined Networking (SDN) breaks the vertical integration of existing Internet architecture and makes the network programmable from a logically centralized control point. Even though the centralized network control provides several advantages, attacks toward SDN framework remain as a challenge. In this paper, we propose a method based on machine learning to detect Denial of Service (DoS) attack in data plane devices, i.e., the OpenFlow switches, resulting from flow-table overflow. We created an SDN dataset using Mininet and features are extracted from switch-controller communication trace as well as flow-table snapshots of OpenFlow switches. Further, we use three algorithms, (i) Neural Network, (ii) Support Vector Machines, and (iii) Naive Bayes, to classify the network to either malicious or benign. The results show that neural network and Naive Bayes provide 100% accuracy with the extracted features.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
