Article details | |
Persian title (translated) | An ecosystem for anomaly detection and mitigation in software-defined networks |
English article title | An ecosystem for anomaly detection and mitigation in software-defined networking |
Publication | 2018 article |
Number of pages (English article) | 42 pages |
Cost | The English article is free to download. |
Database | Elsevier |
Type of writing | Research article |
Base article | This is not a base article |
Indexing | Scopus – Master Journals – JCR |
Article type | ISI |
English article format | |
Impact factor (IF) | 3.768 in 2017 |
H-index | 145 in 2018 |
SJR index | 1.271 in 2018 |
Related fields | Information technology engineering |
Related specializations | Computer networks |
Presentation type | Journal |
Journal / Conference | Expert Systems With Applications |
University | Computer Science Department – State University of Londrina – Brazil |
Keywords (Persian, translated) | Anomaly detection, software-defined networks (SDN), OpenFlow, multinomial logistic regression |
English keywords | Anomaly Detection, Software-defined networking (SDN), OpenFlow, Multinomial Logistic Regression |
Digital identifier (DOI) | https://doi.org/10.1016/j.eswa.2018.03.027 |
Product code | E10192 |
Table of contents: |
Highlights; Abstract; Keywords; 1 Introduction; 2 Related work; 3 Overall architecture and design principles; 4 Results; 5 Conclusion; Acknowledgment; References |
Excerpt from the article: |
Abstract
Along with the rapid growth of computer networks comes the need for automating management functions to prevent errors in decision-making and reduce the cost of ordinary operations. Software-defined networking (SDN) is an emergent paradigm that aims to support next-generation networks through its flexible and powerful management mechanisms. Although SDN provides greater control over traffic flow, its security and availability remain a challenge. The major contribution of this paper is to present an SDN-based ecosystem that monitors network traffic and proactively detects anomalies which may impair proper network functioning. When an anomalous event is recognized, the proposal conducts a more active analysis to inspect irregularities at the network traffic flow level. Detecting such problems quickly is essential to take appropriate countermeasures. In this manner, the potential for centralized network monitoring based on SDN with OpenFlow is addressed in order to evaluate mitigation policies against threats. Experimental results demonstrate the proposed ecosystem succeeds in achieving higher detection rates compared to other approaches. In addition, the performance analysis shows that our approach can efficiently contribute to the network’s resilience.
Introduction
The rigid structure of traditional networks increases and complicates the task of managing them as they expand. As demand for real-time applications increases, it has become difficult to scale existing networks while ensuring availability and security without degradation of performance. To express the policies of agreed service levels (ASL) and to maintain quality of service (QoS), network operators need to configure each device separately as a heterogeneous collection of switches, routers, middleboxes, and so on, using low-level commands specific to each equipment supplier (Kreutz et al., 2013).
Changes in such policies are time-consuming and usually require a large staff to focus efforts on making thousands of changes manually in network components. In this scenario, despite frequent investments in communications innovation, dissatisfaction with the capacity of traditional networks to adapt to the changes required by new technologies will become increasingly evident (Jammal et al., 2014).
Software-defined networks (SDNs) have emerged as the next-generation networking paradigm aiming to improve network resource utilization, simplify network management, reduce operating costs, and promote evolution (Lin et al., 2016). To achieve these benefits, SDN separates the data plane from the control plane by removing decisions from the forwarding devices (e.g., routers and switches), enabling forwarding hardware programming through a standardized interface (commonly using the OpenFlow protocol). A controller guides the control plane using applications to define the behavior of the network-forwarding infrastructure. With the separation of planes, various network devices can share the same controller. A significant advantage is that if there is the need for policy changes or the establishment of service quality, it can be accomplished through control plane programming, which uses a more intuitive high-level language than device configuration commands. Indeed, the administrator can modify network forwarding rules, prioritize, or even block specific types of traffic.
Although SDN networks provide greater control over traffic flow, owing to their dynamic nature, they have also introduced new challenges and issues to be addressed. Researchers argue that SDNs are vulnerable and easier to overwhelm (Li et al., 2016; Kreutz et al., 2013). Concerns about resiliency and robustness arise when the logic behind forwarding behavior is centralized and located in the controller, which becomes a single point of failure (Rathee et al., 2017).
Thereby, security threats may include direct controller attacks or vulnerability exploitations in the communication between the controller and the data plane. In the former, the most prominent threat is Distributed Denial of Service (DDoS), which generates malicious requests to overwhelm the controller, consequently hindering the SDN’s operation. In the latter, Man in the Middle is a potential attack in which the adversary may break the link between the controller and its switches. To summarize, in the absence of a secure and robust controller, attackers have opportunities to change the behavior of the underlying network by modifying the controller operations.