A survey and classification of the security anomaly detection mechanisms in software defined networks




A survey and classification of the security anomaly detection mechanisms in software defined networks

Tohid Jafarian (1), Mohammad Masdari (1), Ali Ghaffari (2), Kambiz Majidzadeh (1)

Received: 30 September 2019 / Revised: 5 September 2020 / Accepted: 10 September 2020
Springer Science+Business Media, LLC, part of Springer Nature 2020

Abstract

Software defined networking (SDN) decouples the network control plane from the data plane. Despite the various advantages of SDNs, they are vulnerable to a range of security attacks such as anomalies, intrusions, and Denial-of-Service (DoS) attacks. Moreover, any anomaly or intrusion in an SDN can affect many important domains such as banking systems and national security. Anomaly detection is therefore a broad research domain, and a great deal of research has been conducted in the literature to mitigate these security problems. In this paper, the state-of-the-art schemes applied to detecting and mitigating anomalies in SDNs are explained, categorized, and compared. The paper categorizes SDN anomaly detection mechanisms into five categories: (1) flow counting schemes, (2) information-based schemes, (3) entropy-based schemes, (4) deep learning, and (5) hybrid schemes. The research gaps and major open research issues regarding SDN anomaly detection are highlighted. We hope that the analyses, comparisons, and classifications will provide directions for further research.

Keywords: SDNs; OpenFlow; Anomaly detection; Data plane; Security challenges; Virtual networks

Affiliations:
(1) Department of Computer Engineering, Urmia Branch, Islamic Azad University, Urmia, Iran
(2) Department of Computer Engineering, Tabriz Branch, Islamic Azad University, Tabriz, Iran
Corresponding authors: Mohammad Masdari, Ali Ghaffari

1 Introduction

Recently, SDN has become one of the most important network architectures for simplifying network management and enabling innovation in communication and computer networks [1–3]. The main rationale behind SDN is to isolate the control plane from the data plane, creating the opportunity for effective administration and greater flexibility [2, 4, 5]. Many companies such as Google, Microsoft and Juniper use SDN in their networks in order to enhance network management and reduce operating costs, and many IT companies consider SDN a significant future network technology. However, SDN has specific challenges and limitations in the security domain. In particular, centralization of the control plane means that anyone who gains access to the network controller has the entire network at their disposal. Security incidents, intrusions and different anomalies can have a significant impact on the network service level. Because of the emergence of new traffic behaviors, anomaly detection and mitigation are essential to protect SDNs against different intrusions. However, due to the novelty of SDN a