Cargando…
Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques
The increasing availability of mobile devices and applications, the progress in virtualisation technologies, and advances in the development of cloud-based distributed data centres have significantly stimulated the growing interest in the use of software-defined networks (SDNs) for both wired and wi...
Autores principales: | , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2021
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8122993/ https://www.ncbi.nlm.nih.gov/pubmed/33922723 http://dx.doi.org/10.3390/s21092972 |
_version_ | 1783692775276937216 |
---|---|
author | Amanowicz, Marek Jankowski, Damian |
author_facet | Amanowicz, Marek Jankowski, Damian |
author_sort | Amanowicz, Marek |
collection | PubMed |
description | The increasing availability of mobile devices and applications, the progress in virtualisation technologies, and advances in the development of cloud-based distributed data centres have significantly stimulated the growing interest in the use of software-defined networks (SDNs) for both wired and wireless applications. Standards-based software abstraction between the network control plane and the underlying data forwarding plane, including both physical and virtual devices, provides an opportunity to significantly increase network security. In this paper, to secure SDNs against intruders’ actions, we propose a comprehensive system that exploits the advantages of SDNs’ native features and implements data mining to detect and classify malicious flows in the SDN data plane. The architecture of the system and its mechanisms are described, with an emphasis on flow rule generation and flow classification. The concept was verified in the SDN testbed environment that reflects typical SDN flows. The experiments confirmed that the system can be successfully implemented in SDNs to mitigate threats caused by different malicious activities of intruders. The results show that our combination of data mining techniques provides better detection and classification of malicious flows than other solutions. |
format | Online Article Text |
id | pubmed-8122993 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2021 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-81229932021-05-16 Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques Amanowicz, Marek Jankowski, Damian Sensors (Basel) Article The increasing availability of mobile devices and applications, the progress in virtualisation technologies, and advances in the development of cloud-based distributed data centres have significantly stimulated the growing interest in the use of software-defined networks (SDNs) for both wired and wireless applications. Standards-based software abstraction between the network control plane and the underlying data forwarding plane, including both physical and virtual devices, provides an opportunity to significantly increase network security. In this paper, to secure SDNs against intruders’ actions, we propose a comprehensive system that exploits the advantages of SDNs’ native features and implements data mining to detect and classify malicious flows in the SDN data plane. The architecture of the system and its mechanisms are described, with an emphasis on flow rule generation and flow classification. The concept was verified in the SDN testbed environment that reflects typical SDN flows. The experiments confirmed that the system can be successfully implemented in SDNs to mitigate threats caused by different malicious activities of intruders. The results show that our combination of data mining techniques provides better detection and classification of malicious flows than other solutions. MDPI 2021-04-23 /pmc/articles/PMC8122993/ /pubmed/33922723 http://dx.doi.org/10.3390/s21092972 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Amanowicz, Marek Jankowski, Damian Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques |
title | Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques |
title_full | Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques |
title_fullStr | Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques |
title_full_unstemmed | Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques |
title_short | Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques |
title_sort | detection and classification of malicious flows in software-defined networks using data mining techniques |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8122993/ https://www.ncbi.nlm.nih.gov/pubmed/33922723 http://dx.doi.org/10.3390/s21092972 |
work_keys_str_mv | AT amanowiczmarek detectionandclassificationofmaliciousflowsinsoftwaredefinednetworksusingdataminingtechniques AT jankowskidamian detectionandclassificationofmaliciousflowsinsoftwaredefinednetworksusingdataminingtechniques |