
Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques

The increasing availability of mobile devices and applications, the progress in virtualisation technologies, and advances in the development of cloud-based distributed data centres have significantly stimulated the growing interest in the use of software-defined networks (SDNs) for both wired and wi...


Bibliographic Details
Main authors: Amanowicz, Marek, Jankowski, Damian
Format: Online Article Text
Language: English
Published: MDPI 2021
Subjects:
Online access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8122993/
https://www.ncbi.nlm.nih.gov/pubmed/33922723
http://dx.doi.org/10.3390/s21092972
_version_ 1783692775276937216
author Amanowicz, Marek
Jankowski, Damian
collection PubMed
description The increasing availability of mobile devices and applications, the progress in virtualisation technologies, and advances in the development of cloud-based distributed data centres have significantly stimulated the growing interest in the use of software-defined networks (SDNs) for both wired and wireless applications. Standards-based software abstraction between the network control plane and the underlying data forwarding plane, including both physical and virtual devices, provides an opportunity to significantly increase network security. In this paper, to secure SDNs against intruders’ actions, we propose a comprehensive system that exploits the advantages of SDNs’ native features and implements data mining to detect and classify malicious flows in the SDN data plane. The architecture of the system and its mechanisms are described, with an emphasis on flow rule generation and flow classification. The concept was verified in the SDN testbed environment that reflects typical SDN flows. The experiments confirmed that the system can be successfully implemented in SDNs to mitigate threats caused by different malicious activities of intruders. The results show that our combination of data mining techniques provides better detection and classification of malicious flows than other solutions.
format Online
Article
Text
id pubmed-8122993
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-81229932021-05-16 Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques Amanowicz, Marek Jankowski, Damian Sensors (Basel) Article The increasing availability of mobile devices and applications, the progress in virtualisation technologies, and advances in the development of cloud-based distributed data centres have significantly stimulated the growing interest in the use of software-defined networks (SDNs) for both wired and wireless applications. Standards-based software abstraction between the network control plane and the underlying data forwarding plane, including both physical and virtual devices, provides an opportunity to significantly increase network security. In this paper, to secure SDNs against intruders’ actions, we propose a comprehensive system that exploits the advantages of SDNs’ native features and implements data mining to detect and classify malicious flows in the SDN data plane. The architecture of the system and its mechanisms are described, with an emphasis on flow rule generation and flow classification. The concept was verified in the SDN testbed environment that reflects typical SDN flows. The experiments confirmed that the system can be successfully implemented in SDNs to mitigate threats caused by different malicious activities of intruders. The results show that our combination of data mining techniques provides better detection and classification of malicious flows than other solutions. MDPI 2021-04-23 /pmc/articles/PMC8122993/ /pubmed/33922723 http://dx.doi.org/10.3390/s21092972 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).