Cargando…

Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network

Decoupled data and control planes in Software Defined Networks (SDN) allow them to handle an increasing number of threats by limiting harmful network links at the switching stage. As storage, high-end servers, and network devices, Network Function Virtualization (NFV) is designed to replace purpose-...

Descripción completa

Detalles Bibliográficos
Autores principales: Prabakaran, Senthil, Ramar, Ramalakshmi, Hussain, Irshad, Kavin, Balasubramanian Prabhu, Alshamrani, Sultan S., AlGhamdi, Ahmed Saeed, Alshehri, Abdullah
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2022
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8839531/
https://www.ncbi.nlm.nih.gov/pubmed/35161456
http://dx.doi.org/10.3390/s22030709
_version_ 1784650392052695040
author Prabakaran, Senthil
Ramar, Ramalakshmi
Hussain, Irshad
Kavin, Balasubramanian Prabhu
Alshamrani, Sultan S.
AlGhamdi, Ahmed Saeed
Alshehri, Abdullah
author_facet Prabakaran, Senthil
Ramar, Ramalakshmi
Hussain, Irshad
Kavin, Balasubramanian Prabhu
Alshamrani, Sultan S.
AlGhamdi, Ahmed Saeed
Alshehri, Abdullah
author_sort Prabakaran, Senthil
collection PubMed
description Decoupled data and control planes in Software Defined Networks (SDN) allow them to handle an increasing number of threats by limiting harmful network links at the switching stage. As storage, high-end servers, and network devices, Network Function Virtualization (NFV) is designed to replace purpose-built network elements with VNFs (Virtualized Network Functions). A Software Defined Network Function Virtualization (SDNFV) network is designed in this paper to boost network performance. Stateful firewall services are deployed as VNFs in the SDN network in this article to offer security and boost network scalability. The SDN controller’s role is to develop a set of guidelines and rules to avoid hazardous network connectivity. Intruder assaults that employ numerous socket addresses cannot be adequately protected by these strategies. Machine learning algorithms are trained using traditional network threat intelligence data to identify potentially malicious linkages and probable attack targets. Based on conventional network data (DT), Bayesian Network (BayesNet), Naive-Bayes, C4.5, and Decision Table (DT) algorithms are used to predict the target host that will be attacked. The experimental results shows that the Bayesian Network algorithm achieved an average prediction accuracy of 92.87%, Native–Bayes Algorithm achieved an average prediction accuracy of 87.81%, C4.5 Algorithm achieved an average prediction accuracy of 84.92%, and the Decision Tree algorithm achieved an average prediction accuracy of 83.18%. There were 451 k login attempts from 178 different countries, with over 70 k source IP addresses and 40 k source port addresses recorded in a large dataset from nine honeypot servers.
format Online
Article
Text
id pubmed-8839531
institution National Center for Biotechnology Information
language English
publishDate 2022
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-88395312022-02-13 Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network Prabakaran, Senthil Ramar, Ramalakshmi Hussain, Irshad Kavin, Balasubramanian Prabhu Alshamrani, Sultan S. AlGhamdi, Ahmed Saeed Alshehri, Abdullah Sensors (Basel) Article Decoupled data and control planes in Software Defined Networks (SDN) allow them to handle an increasing number of threats by limiting harmful network links at the switching stage. As storage, high-end servers, and network devices, Network Function Virtualization (NFV) is designed to replace purpose-built network elements with VNFs (Virtualized Network Functions). A Software Defined Network Function Virtualization (SDNFV) network is designed in this paper to boost network performance. Stateful firewall services are deployed as VNFs in the SDN network in this article to offer security and boost network scalability. The SDN controller’s role is to develop a set of guidelines and rules to avoid hazardous network connectivity. Intruder assaults that employ numerous socket addresses cannot be adequately protected by these strategies. Machine learning algorithms are trained using traditional network threat intelligence data to identify potentially malicious linkages and probable attack targets. Based on conventional network data (DT), Bayesian Network (BayesNet), Naive-Bayes, C4.5, and Decision Table (DT) algorithms are used to predict the target host that will be attacked. The experimental results shows that the Bayesian Network algorithm achieved an average prediction accuracy of 92.87%, Native–Bayes Algorithm achieved an average prediction accuracy of 87.81%, C4.5 Algorithm achieved an average prediction accuracy of 84.92%, and the Decision Tree algorithm achieved an average prediction accuracy of 83.18%. There were 451 k login attempts from 178 different countries, with over 70 k source IP addresses and 40 k source port addresses recorded in a large dataset from nine honeypot servers. MDPI 2022-01-18 /pmc/articles/PMC8839531/ /pubmed/35161456 http://dx.doi.org/10.3390/s22030709 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Prabakaran, Senthil
Ramar, Ramalakshmi
Hussain, Irshad
Kavin, Balasubramanian Prabhu
Alshamrani, Sultan S.
AlGhamdi, Ahmed Saeed
Alshehri, Abdullah
Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network
title Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network
title_full Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network
title_fullStr Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network
title_full_unstemmed Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network
title_short Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network
title_sort predicting attack pattern via machine learning by exploiting stateful firewall as virtual network function in an sdn network
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8839531/
https://www.ncbi.nlm.nih.gov/pubmed/35161456
http://dx.doi.org/10.3390/s22030709
work_keys_str_mv AT prabakaransenthil predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork
AT ramarramalakshmi predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork
AT hussainirshad predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork
AT kavinbalasubramanianprabhu predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork
AT alshamranisultans predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork
AT alghamdiahmedsaeed predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork
AT alshehriabdullah predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork