• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Journal of network and computer applications >Identifying cyber-attacks on software defined networks: An inference-based intrusion detection approach
【24h】

Identifying cyber-attacks on software defined networks: An inference-based intrusion detection approach

机译:识别软件定义网络上的网络攻击:基于推理的入侵检测方法

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Software Defined Networking is an emerging architecture which focuses on the role of software to manage computer networks. Software Defined Networks (SDNs) introduce several mechanisms to detect specific types of attacks such as Denial of Service (DoS). Nevertheless, they are vulnerable to similar attacks that occur in traditional networks, such as the attacks that target control and data plane. Several techniques are proposed to handle the security vulnerabilities in SDNs. However, it is fairly challenging to create attack signatures, scenarios, or even intrusion detection rules that are applicable to dynamic environments such SDNs. This paper introduces a new approach to identify attacks on SDNs that uses: (1) similarity with existing attacks that target traditional networks, (2) an inference mechanism to avoid false positives and negatives during the prediction process, and (3) a packet aggregation technique which aims at creating attack signatures and use them to predict attacks on SDNs. We validated our approach on two datasets and showed that it yields promising results.
机译:软件定义网络是一种新兴的体系结构,其重点是软件在管理计算机网络方面的作用。软件定义网络(SDN)引入了多种机制来检测特定类型的攻击,例如拒绝服务(DoS)。但是,它们很容易遭受传统网络中发生的类似攻击,例如针对控制和数据平面的攻击。提出了几种技术来处理SDN中的安全漏洞。但是,创建适用于诸如SDN之类的动态环境的攻击特征,方案甚至入侵检测规则是相当具有挑战性的。本文介绍了一种新的方法来识别对SDN的攻击,该方法使用:(1)与针对传统网络的现有攻击的相似性;(2)一种在预测过程中避免误报和误报的推理机制;以及(3)数据包聚合该技术旨在创建攻击特征并将其用于预测对SDN的攻击。我们在两个数据集上验证了我们的方法,并表明它产生了可喜的结果。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号