nach oben

Peer-to-Peer Networking and Applications

Erschienen in:

12.01.2018

Survey on SDN based network intrusion detection system using machine learning approaches

verfasst von: Nasrin Sultana, Naveen Chilamkurti, Wei Peng, Rabei Alhadad

Erschienen in: Peer-to-Peer Networking and Applications | Ausgabe 2/2019

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Software Defined Networking Technology (SDN) provides a prospect to effectively detect and monitor network security problems ascribing to the emergence of the programmable features. Recently, Machine Learning (ML) approaches have been implemented in the SDN-based Network Intrusion Detection Systems (NIDS) to protect computer networks and to overcome network security issues. A stream of advanced machine learning approaches – the deep learning technology (DL) commences to emerge in the SDN context. In this survey, we reviewed various recent works on machine learning (ML) methods that leverage SDN to implement NIDS. More specifically, we evaluated the techniques of deep learning in developing SDN-based NIDS. In the meantime, in this survey, we covered tools that can be used to develop NIDS models in SDN environment. This survey is concluded with a discussion of ongoing challenges in implementing NIDS using ML/DL and future works.

Vorheriger Artikel Virtual network embedding based on modified genetic algorithm

Nächster Artikel Behavior Reconstruction Models for Large-scale Network Service Systems

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Hewlett Packard Enterprise (2015) 2015 cost of cyber crime study: global, independently conducted by Ponemon institute LLC publication, Ponemon Institute research report. Avaiable https://www.accenture.com/t20170926T072837Z__w__/us-en/_acnmedia/PDF-61/Accenture-2017-CostCyberCrimeStudy.pdf. Accessed 26 June 2017

Kreutz D, Ramos FMV, Verissimo PE, Rothenberg CE, Azodolmolky S (2015) Software-defines network- a comprehensive survey. Published in Proceedings of the IEEE, 103, 1

Aburomman AA, Reza MBI (2016) Survey of learning methods in intrusion detection systems. International conference on advances in electrical, electronic and system Engineering(ICAEES), Putrajaya, pp 362–365. https://doi.org/10.1109/ICAEES.2016.7888070

Mehdi SA, Khalid J, Khaiyam SA (2011) Revisiting traffic anomaly detection using software defined networking. In: Sommer R, Balzarotti D, Maier G (eds) Recent Advances in Intrusion Detection. RAID 2011. Lecture Notes in Computer Science, vol 6961. Springer, Berlin, Heidelberg

Garcı´a-Teodoroa P, Dı´az-Verdejo J, Macia´-Ferna’ndez G, Va´zquez E (2009) Anomaly-based network intrusion detection: Techniques, systems and challenges. J Comput Secur 28(1-2):18–28CrossRef

Tuan TA, Mhamdi L, Mclernon D, Zaidi SAR, Ghogho M (2016) Deep learning approach for network intrusion detection in software defined networking. Int Conf Wirel Netw Mob Commun. https://doi.org/10.1109/WINCOM.2016.7777224

Open Networking Foundation (2013) SDN architecture overview, Version 1.0. Available https://www.opennetworking.org/images/stories/downloads/sdnresources/technical-reports/TR_SDN-ARCH-Overview-1.1-11112014.02.pdf. Accessed 27 June 2017

Niyaz Q, Sun W, Javaid AY (2016) A deep learning based DDoS detection system in software defined networking (SDN). CoRR abs/1611.07400. https://doi.org/10.4108/eai.28-12-2017.153515

Sezer S, Scott-Hayward S, Chouhan PK (2013) Are we ready for SDN? Implementation challenges for software-defined networks. In: IEEE Communication Magazine, vol. 51, no. 7, pp 36–43. https://doi.org/10.1109/MCOM.2013.6553676

10.

Atkinson RC, Bellekens XJ, Hodo E, Hamilton A, Tachtatzis C (2017) Shallow and deep networks intrusion detection system: a taxonomy and survey. CoRR, arXiv preprint arXiv:1701.02145. 2017 Jan 9

11.

Survey of Current Network Intrusion Detection Techniques https://www.cse.wustl.edu/~jain/cse571-07/ftp/ids/. Accessed 26 June 2017

12.

Supervised and unsupervised machine learning algorithms http://machinelearningmastery.com/supervised-and-unsupervised-machine learning-algorithms/. Accessed 20 June 2017

13.

Zamani M, Movahedi M (2015) Machine learning techniques for intrusion detection. CoRR, arXiv preprint arXiv:1312.2177. 2017 Jan 9

14.

Thaseen S, Kumar Ch (2013) An analysis of supervised tree based classifiers for intrusion detection system. In: Proceedings of the international conference on pattern recognition, informatics and mobile engineering (P RIME). Pp. 21–22

15.

Niyaz Q, Sun W, Javaid AY, Alam M (2016) A deep learning approach for network intrusion detection system. International conference wireless networks and mobile communications (WINCOM)

16.

Zanero S, Savaresi SM (2004) Unsupervised learning techniques for an intrusion detection system. In: Proceedings of the ACM symposium on applied computing. Pages 412–419

17.

Syarif I, Prugel-Bennett A, Wills G (2012) Unsupervised clustering approach for network anomaly detection. In: Benlamri R (eds) Networked Digital Technologies. NDT 2012. Communications in Computer and Information Science, vol 293. Springer, Berlin, Heidelberg

18.

Tsai C, Hsu Y, Lin C, Lin W (2009) Intrusion detection by machine learning: a review. Expert Syst Appl 36:11994–12000CrossRef

19.

Bennett KP, Demiriz A (2017) Semi-supervised support vector machines. Neural Comput & Applic 28(5):969–978CrossRef

20.

Haweliya J, Nigam B (2014) Network intrusion detection using semi supervised support vector machine. Int J Comput Appl 85, 9

21.

Chen C, Gong Y, Tian Y (2008) Semi-supervised learning methods for network intrusion detection. Int Conf Sys, Man Cybern, IEEE. https://doi.org/10.1109/ICSMC.2008.4811688

22.

Deep learning stand to benefit to data analytics and HPC expertise http://www.cio.com/article/3180184/analytics/deep-learning- stands-to- benefit-from-data-analytics-and-high-performance-computing-hpc-expertise.html. Accessed 3 July 2017

23.

LeCun Y, Bengio Y, Hinton G (2015) Deep learning review. Weekly journal of science in nature international. Nature 521, doi: https://doi.org/10.1038/nature14539

24.

Convolutional Neural Networks (2017) http://eric-yuan.me/cnn/. Accessed 10 July 2017

25.

Deng L, Yu D (2014) Deep learning methods and applications. Microsoft Research. Available https://www.microsoft.com/en-us/research/publication/deep-learning-methods-and-applications/. Accessed 10 July 2017

26.

Alom MZ, Bontupalli VR, Taha TM (2015) Intrusion detection using deep belief networks. Aerospace and electronics conference, NAECON. IEEE

27.

Tutorial http://ufldl.stanford.edu/tutorial/supervised/ConvolutionalNeuralNetwork/. Accessed June 15 2017

28.

Vyas A (2017) Deep learning in natural language processing” in mphasis, deep learning- NL_whitepaper

29.

Hughes T, Mierle K (2013) Recurrent neural networks for voice activity detection IEEE International Conference on Acoustics, Speech and Signal Processing, Vancouver, BC, pp 7378–7382. https://doi.org/10.1109/ICASSP.2013.6639096

30.

Salama MA, Eid HF, Ramadan RA, Darwish A, Hassanien AE (2011) Hybrid intelligent intrusion detection scheme. Soft computing in industrial applications in advances in intelligent and soft computing book series (AINSC, volume 96), pp 293–303

31.

Fiore U, Palmieri F, Castiglione A, Santis AD (2013) Network anomaly detection with the restricted Boltzmann machine. Neurocomputing 122(25):13–23CrossRef

32.

Eid HFA, Darwish A, Hassanien AE, Abraham A (2010) Principal components analysis and support vector machine based intrusion detection system. International conference intelligent systems design and applications (ISDA)

33.

Wang L, Jones R (2017) Big data analytics for network intrusion detection: a survey. Int J Netw Commun. https://doi.org/10.5923/j.ijnc.20170701.03

34.

Open Networking Foundation (2014) SDN architecture, Issue 1 June 2014 ONF TR-502

35.

Nunes BAA, Mendonca M, Nguyen XN, Obraczka K and Turletti T (2014) A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks. In IEEE Communications Surveys & Tutorials, vol 16, no. 3, pp 1617–1634, Third Quarter 2014. https://doi.org/10.1109/SURV.2014.012214.00180

36.

Bakshi T (2017) State of the art and recent research advances in software defined networking. In Wireless Communications and Mobile Computing, 2017, 1530-8669, Hindawi Publishing Corporation

37.

Yan Q, Yu FR, Gong Q and Li J (2016) Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials, vol. 18, no. 1, pp 602–622 Firstquarter 2016. https://doi.org/10.1109/COMST.2015.2487361

38.

Braga R, Mota E, Passito A (2010) Lightweight DDoS flooding attack detection using NOX/OpenFlow. 35th Annual IEEE conference on local computer networks, Denver, Colorado

39.

Open Networking Foundation, Jun (2014) [Online]. Available: https://www.opennetworking.org/. Accessed 10 July 2017

40.

Prete LR, Shinoda AA, Schweitzer CM, De Oliveira RLS (2014) Simulation in an SDN network scenario using the POX controller. 2014 I.E. Colombian Conference on Communications and Computing (COLCOM), Bogota, pp 1–6. https://doi.org/10.1109/ColComCon.2014.6860403

41.

Open Flow [Online]. Available: http://www.openflow.org/. Accessed 12 July 2017

42.

NOX. [Online]. Available: http://www.noxrepo.org/nox/about-nox/. Accessed 12 July 2017

43.

POX. [Online]. Available: http://www.noxrepo.org/pox/about-pox. Accessed 12 July 2017

44.

Kaur S, Singh J, Ghumman NS (2014) Network programmability using POX controller. International conference on communication, computing & systems, at SBS Staten technical campus, Ferozepur, Punjab, India, volume: 1

45.

Nguyen HT, Petrovic S, Franke K (2010) A comparison of feature-selection methods for intrusion detection. In: Kotenko I, Skormin V (eds) Computer Network Security. MMM-ACNS 2010. Lecture Notes in Computer Science, vol 6258. Springer, Berlin, Heidelberg, pp 242–255

46.

Gogoil P, Bhuyan MH (2012) Packet and flow-based network intrusion dataset. International conference on contemporary computing IC3, pp 322–334

47.

Hu F, Hao Q, Bao K (2014) A survey on software-defined network and openFlow: from concept to implementation. IEEE communication surveys & tutorial 16:4CrossRef

48.

Alom MZ, Bontupall VR, Taha TM (2015) Intrusion detection using deep belief networks. In: Aerospace and electronics conference, NAECON

49.

Coates A, Lee H, Ng Andrew Y (2011) An analysis of single-layer networks in unsupervised feature learning. In: Proceedings of the fourteenth international conference on artificial intelligence and statistics, PMLR 15:215–223

50.

Lu Y, Cohen I, Zhou XS, Tian Q (2014) Feature selection using principal feature analysis. Pattern Recogn Lett 49:33–39CrossRef

51.

Eid HF, Salama MA, Hassanien AE, Kim TH (2011) Bi-layer behavioral based feature selection approach for network intrusion classification. Commun Comput Inf Sci Book Ser 259:195–203

52.

Hasan MAM, Nasser M, Ahmad S, Molla KH (2016) Feature selection for intrusion detection using random forest. In: Journal of information security, pp 129–140

53.

Kloft M, Brefeld U, Dussel P, Gehl C, Laskov P (2008) Automatic feature selection for anomaly detection. In: Proceedings of the 1st ACM workshop on AISec, Pages 71–76, Alexandria, Virginia, ACM New York, USA

54.

Shiravi A, Shiravi H, Tavallaee M, Ghorbani AA (2012) Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput Secur 31(3):357–374CrossRef

55.

University of New Brunswick (2017) [Online] available http://www.unb.ca/cic/research/datasets/dos-dataset.html. Accesses 22 June 2017

56.

Creech G, Hu J (2013) Generation of a new IDS test dataset: time to retire the KDD collection. Wirel Commun Netw Conf (WCNC). https://doi.org/10.1109/WCNC.2013.6555301

57.

Nour M, Slay J (2016) The evaluation of network anomaly detection systems: statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set. Inf Secur J: A Glob Perspec, pp 1–14

58.

Almomani I, Al-Kasasbeh B, Al-Akhras M (2016) WSN-DS: a dataset for intrusion detection systems in wireless sensor networks. J Sens 16p

59.

Jankowski D, Amanowwicz M (2016) On efficiency of selected machine learning algorithms for intrusion detection in software defined networks. Int J Electron Telecommun, 62(3):247–252

Titel: Survey on SDN based network intrusion detection system using machine learning approaches
verfasst von: Nasrin Sultana
Naveen Chilamkurti
Wei Peng
Rabei Alhadad
Publikationsdatum: 12.01.2018
Verlag: Springer US
Erschienen in: Peer-to-Peer Networking and Applications / Ausgabe 2/2019
Print ISSN: 1936-6442
Elektronische ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-017-0630-0

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2019

Resource allocation in SDN based 5G cellular networks

An optimized protocol for QoS and energy efficiency on wireless body area networks

Behavior Reconstruction Models for Large-scale Network Service Systems

Energy efficient topology management scheme based on clustering technique for software defined wireless sensor network

A hierarchical mobility management scheme based on software defined networking

An improved network security situation assessment approach in software defined networks

Premium Partner