平衡SDN环境下的恶意流量检测

2021 Twelfth International Conference on Ubiquitous and Future Networks (ICUFN) Pub Date : 2021-08-17 DOI:10.1109/ICUFN49451.2021.9528577

Bruno Salgado Machado, J. M. Silva, S. R. Lima, P. Carvalho

{"title":"平衡SDN环境下的恶意流量检测","authors":"Bruno Salgado Machado, J. M. Silva, S. R. Lima, P. Carvalho","doi":"10.1109/ICUFN49451.2021.9528577","DOIUrl":null,"url":null,"abstract":"Huge efforts and resources are spent every year on prevention and recovery of cyberattacks targeting users, services and network infrastructures. Software-Defined Networking (SDN) is a technology providing advances to the field of security with the ability of programming the network, promoting highperformance solutions and efficient resource utilization at low costs, as the use of specialized hardware is avoided. The present paper aims at exploring the SDN paradigm to develop an SDN-based framework for prevention and mitigation of malicious attacks throuhgt the network. The framework design and proposal has concerns regarding the efficient use of network and computational resources, distributing the inspection of suspicious flows by distinct Intrusion Detection Systems. For this purpose, a load-balancing strategy for traffic inspection is devised, allowing to balance both the usage of resources and the analysis of traffic flows. In this way, this paper also sheds light on the usage of OpenFlow messages to build distributed SDN-based applications with the mentioned properties.","PeriodicalId":318542,"journal":{"name":"2021 Twelfth International Conference on Ubiquitous and Future Networks (ICUFN)","volume":"475 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Balancing the Detection of Malicious Traffic in SDN Context\",\"authors\":\"Bruno Salgado Machado, J. M. Silva, S. R. Lima, P. Carvalho\",\"doi\":\"10.1109/ICUFN49451.2021.9528577\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Huge efforts and resources are spent every year on prevention and recovery of cyberattacks targeting users, services and network infrastructures. Software-Defined Networking (SDN) is a technology providing advances to the field of security with the ability of programming the network, promoting highperformance solutions and efficient resource utilization at low costs, as the use of specialized hardware is avoided. The present paper aims at exploring the SDN paradigm to develop an SDN-based framework for prevention and mitigation of malicious attacks throuhgt the network. The framework design and proposal has concerns regarding the efficient use of network and computational resources, distributing the inspection of suspicious flows by distinct Intrusion Detection Systems. For this purpose, a load-balancing strategy for traffic inspection is devised, allowing to balance both the usage of resources and the analysis of traffic flows. In this way, this paper also sheds light on the usage of OpenFlow messages to build distributed SDN-based applications with the mentioned properties.\",\"PeriodicalId\":318542,\"journal\":{\"name\":\"2021 Twelfth International Conference on Ubiquitous and Future Networks (ICUFN)\",\"volume\":\"475 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-08-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 Twelfth International Conference on Ubiquitous and Future Networks (ICUFN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICUFN49451.2021.9528577\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 Twelfth International Conference on Ubiquitous and Future Networks (ICUFN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICUFN49451.2021.9528577","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

针对用户、服务和网络基础设施的网络攻击，每年都要投入大量的精力和资源进行预防和恢复。软件定义网络(SDN)是一种为安全领域提供进步的技术，它能够对网络进行编程，以低成本促进高性能解决方案和高效的资源利用，因为它避免了使用专门的硬件。本文旨在探索SDN范式，以开发基于SDN的框架，用于预防和减轻整个网络中的恶意攻击。该框架的设计和建议考虑了网络和计算资源的有效利用，以及不同入侵检测系统对可疑流量的检测。为此，设计了一种流量检测的负载平衡策略，使资源的使用和流量的分析达到平衡。通过这种方式，本文还阐明了如何使用OpenFlow消息来构建具有上述属性的基于sdn的分布式应用程序。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Balancing the Detection of Malicious Traffic in SDN Context

Huge efforts and resources are spent every year on prevention and recovery of cyberattacks targeting users, services and network infrastructures. Software-Defined Networking (SDN) is a technology providing advances to the field of security with the ability of programming the network, promoting highperformance solutions and efficient resource utilization at low costs, as the use of specialized hardware is avoided. The present paper aims at exploring the SDN paradigm to develop an SDN-based framework for prevention and mitigation of malicious attacks throuhgt the network. The framework design and proposal has concerns regarding the efficient use of network and computational resources, distributing the inspection of suspicious flows by distinct Intrusion Detection Systems. For this purpose, a load-balancing strategy for traffic inspection is devised, allowing to balance both the usage of resources and the analysis of traffic flows. In this way, this paper also sheds light on the usage of OpenFlow messages to build distributed SDN-based applications with the mentioned properties.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 Twelfth International Conference on Ubiquitous and Future Networks (ICUFN)

自引率

0.00%

发文量