Top

Soft Computing

Published in:

19-11-2019 | Methodologies and Application

A hybrid OpenFlow with intelligent detection and prediction models for preventing BGP path hijack on SDN

Authors: R. Pradeepa, M. Pushpalatha

Published in: Soft Computing | Issue 13/2020

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The Border Gateway Protocol (BGP) is a path vector protocol whose fundamental aim is to exchange the information across the Internet, which directs data between autonomous systems. The significant drawback of the BGP is that it does not address security; path hijacking is one of the top-rated cyber hijacks. Existing methods such as sBGP, soBGP and PGBGP have focused more on detecting path hijacking rather than preventing. Hence, we propose an intelligent model to detect abnormal behavior of a network and to predict and prevent BGP path hijacking (DPPBGP) in software-defined networks. The main objective of our proposed model is to reduce detection time and the controller workload with SFlow-integrated OpenFlow. Three modules of our model are as follows: (1) Based on the abnormal behavior of the network, we evaluated the statistics. We use the statistic features in the cumulative sum abnormal detection algorithm to detect abnormal behavior and flows proficiently and perfectly with less detection time. (2) An intelligent machine learning approach knows as a Pattern Sequence Forecasting algorithm is used to forecast the behavior of the network. (3) After the detection or the forecast of abnormality, path hijack is prevented by killing the appropriate PID based on SFlow analyzer. Simulation results show how large the network of this model can perform accurately and effectively.

previous article ACO-IM: maximizing influence in social networks using ant colony optimization

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Basit A, Ahmed N (2017) Path diversity for inter-domain routing security. In: 2017 14th international Bhurban conference on applied sciences and technology (IBCAST), pp 384–391. IEEE

Bellovin S (2003) SBGP- Secure BGP in NANOG28, Jun

Bokde N, Asencio-Cortés G, Martínez-Álvarez F, Kulat K (2016) Psf: Introduction to r package for pattern sequence based forecasting algorithm. arXiv preprint arXiv:1606.05492

Butler K, Farley TR, McDaniel P, Rexford J (2010) A survey of BGP security issues and solutions. Proc IEEE 98(1):100–122CrossRef

Chang G, Arianezhad M, Trajković L (2016) Using resource public key infrastructure for secure border gateway protocol. In: 2016 IEEE Canadian conference on electrical and computer engineering (CCECE), pp 1–6. IEEE

Conejo AJ, Plazas MA, Espinola R, Molina AB (2005) Day-ahead electricity price forecasting using the wavelet transform and ARIMA models. IEEE Trans Power Syst 20(2):1035–1042CrossRef

Cooper D, Santesson S, Farrell S, Boeyen S, Housley R, Polk W (2008) Internet X. 509 public key infrastructure certificate and certificate revocation list (CRL) profile (No. RFC 5280)

Deng W, Zhao H, Yang X, Xiong J, Sun M, Li B (2017a) Study on an improved adaptive PSO algorithm for solving multi-objective gate assignment. Appl Soft Comput 59:288–302CrossRef

Deng W, Zhao H, Zou L, Li G, Yang X, Wu D (2017b) A novel collaborative optimization algorithm in solving complex optimization problems. Soft Comput 21(15):4387–4398CrossRef

Deng W, Xu J, Zhao H (2019) An improved ant colony optimization algorithm based on hybrid strategies for scheduling problem. IEEE Access 7:20281–20292CrossRef

Goodell G, Aiello W, Griffin T, Ioannidis J, McDaniel PD, Rubin AD (2003) Working around BGP: an incremental approach to improving security and accuracy in interdomain routing. In: NDSS, vol 23, p 156

Gupta A, Vanbever L, Shahbaz M, Donovan SP, Schlinker B, Feamster N, Katz-Bassett E (2015) Sdx: a software defined internet exchange. ACM SIGCOMM Comput Commun Rev 44(4):551–562CrossRef

Hu X, Mao ZM (2007) Accurate real-time identification of IP prefix hijacking. In: 2007 IEEE symposium on security and privacy (SP’07), pp 3–17. IEEE

Hyndman RJ, Khandakar Y (2007) Automatic time series for forecasting: the forecast package for R (No. 6/07). Clayton VIC, Australia: Monash University, Department of Econometrics and Business Statistics

Karaoglu HT, Yuksel M (2013) Offloading routing complexity to the cloud (s). In: 2013 IEEE international conference on communications workshops (ICC), pp 1367–1371. IEEE

Karlin J, Forrest S, Rexford J (2008a) Autonomous security for autonomous systems. Comput Netw 52(15):2908–2923CrossRef

Karlin J, Forrest S, Rexford J (2008b) Autonomous security for autonomous systems. Comput Netw 52(15):2908–2923CrossRef

Kent ST (2003) Securing the border gateway protocol: a status update. In: IFIP international conference on communications and multimedia security. Springer, Berlin, pp 40–53CrossRef

Kent S, Lynn C, Seo K (2000) Secure border gateway protocol (S-BGP). IEEE J Sel Areas Commun 18(4):582–592CrossRef

Kinga F (2015) CUSUM anomaly detection (CAD)—a novel anomaly detection algorithm in public group Portland-Data-Science-Group-events-226361104

Kurt MN, Yilmaz Y, Wang X (2018) Real-time nonparametric anomaly detection in high-dimensional settings. arXiv preprint arXiv:1809.05250

Lin P, Bi J, Hu H (2016) BTSDN: BGP-based transition for the existing networks to SDN. Wirel Pers Commun 86(4):1829–1843CrossRef

Murphy S (2005) BGP security vulnerabilities analysis (No. RFC 4272)

Ng J (2004) Extensions to BGP to support secure origin BGP (soBGP). Internet Draft

NOCTION (2018) BGP hijacking overview. Routing incidents prevention and defense mechanisms. (Updated) in https://www.noction.com/blog/bgp-hijacking

Sahrish KT, Nadeem ST (2016) Routing techniques in software defined networks: a survey IEEE (IBCAST 2016), Islamabad, Pakistan

Schlamp J, Carle G, Biersack EW (2012) How to prevent AS hijacking attacks. In: Proceedings of the 2012 ACM conference on CoNEXT student workshop, pp 29–30. ACM

Schlamp J, Holz R, Jacquemart Q, Carle G, Biersack EW (2016) HEAP: reliable assessment of BGP hijacking attacks. IEEE J Sel Areas Commun 34(6):1849–1861CrossRef

Scott-Hayward S, O’Callaghan G, Sezer S (2013) SDN security: a survey. In IEEE SDN For Future Networks and Services (SDN4FNS, pp 1–7

Sermpezis P, Kotronis V, Gigis P, Dimitropoulos X, Cicalese D, King A, Dainotti A (2018) ARTEMIS: neutralizing BGP hijacking within a minute. IEEE/ACM Trans Netw 26(6):2471–2486CrossRef

Yan H, Oliveira R, Burnett K, Matthews D, Zhang L, Massey D (2009) BGPmon: a real-time, scalable, extensible monitoring system. In: 2009 cybersecurity applications and technology conference for homeland security, pp 212–223. IEEE

Yaping L, Wenping D, Zhihong L, Feng H (2015) 3S: three-signature path authentication for BGP security. Secur Commun Netw 3:3002–3014

Yun JK, Song JH (2016) Policy-based AS path verification with enhanced comparison algorithm to prevent 1-hop AS Path Hijacking in real time. Int J Multimed Ubiquitous Eng 11(1):11–22CrossRef

Yun JK, Hong B, Kim Y (2015) The policy-based AS_PATH verification to prevent 1-hop as path hijacking by monitoring BGP live streams. Int J Adv Secur 8(1 & 2):2015

Zhao J, Wen Y (2013) Evaluation on the influence of internet prefix hijacking events. Comput Sci Inf Syst 10(2):611–631CrossRef

Zhao M, Smith SW, Nicol DM (2005) The performance impact of BGP security. IEEE Netw 19(6):42–48CrossRef

Zhao H, Yao R, Xu L, Yuan Y, Li G, Deng W (2018) Study on a novel fault damage degree identification method using high-order differential mathematical morphology gradient spectrum entropy. Entropy 20(9):682CrossRef

Zhao H, Zheng J, Xu J, Deng W (2019) Fault diagnosis method based on principal component analysis and broad learning system. IEEE Access 7:99263–99272CrossRef

Title: A hybrid OpenFlow with intelligent detection and prediction models for preventing BGP path hijack on SDN
Authors: R. Pradeepa
M. Pushpalatha
Publication date: 19-11-2019
Publisher: Springer Berlin Heidelberg
Published in: Soft Computing / Issue 13/2020
Print ISSN: 1432-7643
Electronic ISSN: 1433-7479
DOI: https://doi.org/10.1007/s00500-019-04534-x

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Other articles of this Issue 13/2020

Multi-granular soft rough covering sets

Writer identification system for pre-segmented offline handwritten Devanagari characters using k-NN and SVM

ACO-IM: maximizing influence in social networks using ant colony optimization

A novel time-shifting method to find popular blog post topics

An innovative user-attentive framework for supporting real-time detection and mining of streaming microblog posts

EEG signal classification using LSTM and improved neural network algorithms

Premium Partner