Top

previous article ACO-IM: maximizing influence in social networks...

Hint

Swipe to navigate through the articles of this issue

19-11-2019 | Methodologies and Application | Issue 13/2020

A hybrid OpenFlow with intelligent detection and prediction models for preventing BGP path hijack on SDN

Journal:: Soft Computing > Issue 13/2020

Authors:: R. Pradeepa, M. Pushpalatha

» Get access to the full-text

Important notes

Communicated by V. Loia.

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Abstract

The Border Gateway Protocol (BGP) is a path vector protocol whose fundamental aim is to exchange the information across the Internet, which directs data between autonomous systems. The significant drawback of the BGP is that it does not address security; path hijacking is one of the top-rated cyber hijacks. Existing methods such as sBGP, soBGP and PGBGP have focused more on detecting path hijacking rather than preventing. Hence, we propose an intelligent model to detect abnormal behavior of a network and to predict and prevent BGP path hijacking (DPPBGP) in software-defined networks. The main objective of our proposed model is to reduce detection time and the controller workload with SFlow-integrated OpenFlow. Three modules of our model are as follows: (1) Based on the abnormal behavior of the network, we evaluated the statistics. We use the statistic features in the cumulative sum abnormal detection algorithm to detect abnormal behavior and flows proficiently and perfectly with less detection time. (2) An intelligent machine learning approach knows as a Pattern Sequence Forecasting algorithm is used to forecast the behavior of the network. (3) After the detection or the forecast of abnormality, path hijack is prevented by killing the appropriate PID based on SFlow analyzer. Simulation results show how large the network of this model can perform accurately and effectively.

Please log in to get access to this content

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 69.000 Bücher
über 500 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Umwelt
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Testen Sie jetzt 30 Tage kostenlos.

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 58.000 Bücher
über 300 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Testen Sie jetzt 30 Tage kostenlos.

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 50.000 Bücher
über 380 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Umwelt
Maschinenbau + Werkstoffe

Testen Sie jetzt 30 Tage kostenlos.

inform now

Basit A, Ahmed N (2017) Path diversity for inter-domain routing security. In: 2017 14th international Bhurban conference on applied sciences and technology (IBCAST), pp 384–391. IEEE

Bellovin S (2003) SBGP- Secure BGP in NANOG28, Jun

Bokde N, Asencio-Cortés G, Martínez-Álvarez F, Kulat K (2016) Psf: Introduction to r package for pattern sequence based forecasting algorithm. arXiv preprint arXiv:1606.05492

Butler K, Farley TR, McDaniel P, Rexford J (2010) A survey of BGP security issues and solutions. Proc IEEE 98(1):100–122 CrossRef

Chang G, Arianezhad M, Trajković L (2016) Using resource public key infrastructure for secure border gateway protocol. In: 2016 IEEE Canadian conference on electrical and computer engineering (CCECE), pp 1–6. IEEE

Conejo AJ, Plazas MA, Espinola R, Molina AB (2005) Day-ahead electricity price forecasting using the wavelet transform and ARIMA models. IEEE Trans Power Syst 20(2):1035–1042 CrossRef

Cooper D, Santesson S, Farrell S, Boeyen S, Housley R, Polk W (2008) Internet X. 509 public key infrastructure certificate and certificate revocation list (CRL) profile (No. RFC 5280)

Deng W, Zhao H, Yang X, Xiong J, Sun M, Li B (2017a) Study on an improved adaptive PSO algorithm for solving multi-objective gate assignment. Appl Soft Comput 59:288–302 CrossRef

Deng W, Zhao H, Zou L, Li G, Yang X, Wu D (2017b) A novel collaborative optimization algorithm in solving complex optimization problems. Soft Comput 21(15):4387–4398 CrossRef

Deng W, Xu J, Zhao H (2019) An improved ant colony optimization algorithm based on hybrid strategies for scheduling problem. IEEE Access 7:20281–20292 CrossRef

Goodell G, Aiello W, Griffin T, Ioannidis J, McDaniel PD, Rubin AD (2003) Working around BGP: an incremental approach to improving security and accuracy in interdomain routing. In: NDSS, vol 23, p 156

Gupta A, Vanbever L, Shahbaz M, Donovan SP, Schlinker B, Feamster N, Katz-Bassett E (2015) Sdx: a software defined internet exchange. ACM SIGCOMM Comput Commun Rev 44(4):551–562 CrossRef

Hu X, Mao ZM (2007) Accurate real-time identification of IP prefix hijacking. In: 2007 IEEE symposium on security and privacy (SP’07), pp 3–17. IEEE

Hyndman RJ, Khandakar Y (2007) Automatic time series for forecasting: the forecast package for R (No. 6/07). Clayton VIC, Australia: Monash University, Department of Econometrics and Business Statistics

Karaoglu HT, Yuksel M (2013) Offloading routing complexity to the cloud (s). In: 2013 IEEE international conference on communications workshops (ICC), pp 1367–1371. IEEE

Karlin J, Forrest S, Rexford J (2008a) Autonomous security for autonomous systems. Comput Netw 52(15):2908–2923 CrossRef

Karlin J, Forrest S, Rexford J (2008b) Autonomous security for autonomous systems. Comput Netw 52(15):2908–2923 CrossRef

Kent ST (2003) Securing the border gateway protocol: a status update. In: IFIP international conference on communications and multimedia security. Springer, Berlin, pp 40–53 CrossRef

Kent S, Lynn C, Seo K (2000) Secure border gateway protocol (S-BGP). IEEE J Sel Areas Commun 18(4):582–592 CrossRef

Kinga F (2015) CUSUM anomaly detection (CAD)—a novel anomaly detection algorithm in public group Portland-Data-Science-Group-events-226361104

Kurt MN, Yilmaz Y, Wang X (2018) Real-time nonparametric anomaly detection in high-dimensional settings. arXiv preprint arXiv:1809.05250

Lin P, Bi J, Hu H (2016) BTSDN: BGP-based transition for the existing networks to SDN. Wirel Pers Commun 86(4):1829–1843 CrossRef

Murphy S (2005) BGP security vulnerabilities analysis (No. RFC 4272)

Ng J (2004) Extensions to BGP to support secure origin BGP (soBGP). Internet Draft

NOCTION (2018) BGP hijacking overview. Routing incidents prevention and defense mechanisms. (Updated) in https://www.noction.com/blog/bgp-hijacking

Sahrish KT, Nadeem ST (2016) Routing techniques in software defined networks: a survey IEEE (IBCAST 2016), Islamabad, Pakistan

Schlamp J, Carle G, Biersack EW (2012) How to prevent AS hijacking attacks. In: Proceedings of the 2012 ACM conference on CoNEXT student workshop, pp 29–30. ACM

Schlamp J, Holz R, Jacquemart Q, Carle G, Biersack EW (2016) HEAP: reliable assessment of BGP hijacking attacks. IEEE J Sel Areas Commun 34(6):1849–1861 CrossRef

Scott-Hayward S, O’Callaghan G, Sezer S (2013) SDN security: a survey. In IEEE SDN For Future Networks and Services (SDN4FNS, pp 1–7

Sermpezis P, Kotronis V, Gigis P, Dimitropoulos X, Cicalese D, King A, Dainotti A (2018) ARTEMIS: neutralizing BGP hijacking within a minute. IEEE/ACM Trans Netw 26(6):2471–2486 CrossRef

Yan H, Oliveira R, Burnett K, Matthews D, Zhang L, Massey D (2009) BGPmon: a real-time, scalable, extensible monitoring system. In: 2009 cybersecurity applications and technology conference for homeland security, pp 212–223. IEEE

Yaping L, Wenping D, Zhihong L, Feng H (2015) 3S: three-signature path authentication for BGP security. Secur Commun Netw 3:3002–3014

Yun JK, Song JH (2016) Policy-based AS path verification with enhanced comparison algorithm to prevent 1-hop AS Path Hijacking in real time. Int J Multimed Ubiquitous Eng 11(1):11–22 CrossRef

Yun JK, Hong B, Kim Y (2015) The policy-based AS_PATH verification to prevent 1-hop as path hijacking by monitoring BGP live streams. Int J Adv Secur 8(1 & 2):2015

Zhao J, Wen Y (2013) Evaluation on the influence of internet prefix hijacking events. Comput Sci Inf Syst 10(2):611–631 CrossRef

Zhao M, Smith SW, Nicol DM (2005) The performance impact of BGP security. IEEE Netw 19(6):42–48 CrossRef

Zhao H, Yao R, Xu L, Yuan Y, Li G, Deng W (2018) Study on a novel fault damage degree identification method using high-order differential mathematical morphology gradient spectrum entropy. Entropy 20(9):682 CrossRef

Zhao H, Zheng J, Xu J, Deng W (2019) Fault diagnosis method based on principal component analysis and broad learning system. IEEE Access 7:99263–99272 CrossRef

Title: A hybrid OpenFlow with intelligent detection and prediction models for preventing BGP path hijack on SDN
Authors:: R. Pradeepa
M. Pushpalatha
Publication date: 19-11-2019
DOI: https://doi.org/10.1007/s00500-019-04534-x
Publisher: Springer Berlin Heidelberg
Journal: Soft Computing A Fusion of Foundations, Methodologies and Applications
Issue 13/2020
Print ISSN: 1432-7643
Electronic ISSN: 1433-7479

Premium Partner

Image Credits

Springer Professional

Hint

Swipe to navigate through the articles of this issue

Publisher's Note

Abstract

Please log in to get access to this content

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Other articles of this Issue 13/2020

A high-dimensional attribute reduction method modeling and evaluation based on green economy data: evidence from 15 sub-provincial cities in China

A novel time-shifting method to find popular blog post topics

Müntz–Legendre neural network construction for solving delay optimal control problems of fractional order with equality and inequality constraints

Some distance measures for type 2 hesitant fuzzy sets and their applications to multi-criteria group decision-making problems

EEG signal classification using LSTM and improved neural network algorithms

A non-compensatory classification approach for multi-criteria ABC analysis

Premium Partner