Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques

The increasing availability of mobile devices and applications, the progress in virtualisation technologies, and advances in the development of cloud-based distributed data centres have significantly stimulated the growing interest in the use of software-defined networks (SDNs) for both wired and wi...

Bibliographic Details
Main Authors: Marek Amanowicz, Damian Jankowski
Format: Article
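Language: English
Published: MDPI AG 2021-04-01
Series: Sensors
Subjects: software-defined network; flow features; data mining; flow classification; Mininet; OpenDaylight
Online Access: https://www.mdpi.com/1424-8220/21/9/2972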
id doaj-5158df4d757d488ba1d12289ddacda31
record_format Article
spelling doaj-5158df4d757d488ba1d12289ddacda31; 2021-04-23T23:05:21Z; eng; MDPI AG; Sensors; 1424-8220; 2021-04-01; 21; 2972; 2972; 10.3390/s21092972; Marek Amanowicz (0), Damian Jankowski (1); NASK National Research Institute, 01-045 Warsaw, Poland; Ministry of National Defense, 01-045 Warsaw, Poland
collection DOAJ
language English
format Article
sources DOAJ
author Marek Amanowicz
Damian Jankowski
title Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques
publisher MDPI AG
series Sensors
issn 1424-8220
publishDate 2021-04-01
description The increasing availability of mobile devices and applications, the progress in virtualisation technologies, and advances in the development of cloud-based distributed data centres have significantly stimulated the growing interest in the use of software-defined networks (SDNs) for both wired and wireless applications. Standards-based software abstraction between the network control plane and the underlying data forwarding plane, including both physical and virtual devices, provides an opportunity to significantly increase network security. In this paper, to secure SDNs against intruders’ actions, we propose a comprehensive system that exploits the advantages of SDNs’ native features and implements data mining to detect and classify malicious flows in the SDN data plane. The architecture of the system and its mechanisms are described, with an emphasis on flow rule generation and flow classification. The concept was verified in the SDN testbed environment that reflects typical SDN flows. The experiments confirmed that the system can be successfully implemented in SDNs to mitigate threats caused by different malicious activities of intruders. The results show that our combination of data mining techniques provides better detection and classification of malicious flows than other solutions.
topic software-defined network
flow features
data mining
flow classification
Mininet
OpenDaylight
url https://www.mdpi.com/1424-8220/21/9/2972