Detection as a service: An SDN application

Monshizadeh, Mehrnoosh; Khatri, Vikramajeet; Kantola, Raimo

doi:10.23919/icact.2017.7890099

Cited by 20 publications

(6 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, currently platform is tested on single workstation, the whole functionality can be installed on several VMs for load balancing and decentralized monitoring purposes in order to handle large amount of traffic at core network. The similar mechanism has been explained in other papers presented by authors on SDN security [10].…”

Section: Resultssupporting

confidence: 64%

An Intelligent Defense and Filtration Platform for Network Traffic

Monshizadeh

Khatri

Atli

et al. 2018

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Hybrid Anomaly Detection Model (HADM) is a security platform to detect and prevent cyber-attacks on communication networks. The platform uses a combination of linear and learning algorithms combined with protocol analyzer. The linear algorithms filter and extract distinctive attributes and features of the cyber-attacks while the learning algorithms use these attributes and features to identify new types of cyber-attacks. The protocol analyzer in this platform classifies and filters vulnerable protocols to avoid unnecessary computation load. The use of linear algorithms in conjunction with learning algorithms allows the HADM to achieve improved efficiency in terms of accuracy and computation time in order to detect cyber-attacks over existing solutions.

show abstract

Section: Resultssupporting

confidence: 64%

An Intelligent Defense and Filtration Platform for Network Traffic

Monshizadeh

Khatri

Atli

et al. 2018

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…Software-defined networking manages networks that aim to provide dynamic, programmability, and efficient network configuration to enhance network performance and monitoring. In other work [51], the authors explore how the use of SDN technology can be utilized to improve intrusion detection technology through the concept of detection as a service (DaaS) in the SDN environment. The research focuses on how the combination of the programmability features in SDN can be combined with intrusion detection systems to make a redundant, reliable, and scalable anomaly detection system that can be used for mobile network operators.…”

Section: Intrusion Detection In Sdn For Fog and Cloud Computingmentioning

confidence: 99%

A Survey on Intrusion Detection Systems for Fog and Cloud Computing

et al. 2022

View full text Add to dashboard Cite

The rapid advancement of internet technologies has dramatically increased the number of connected devices. This has created a huge attack surface that requires the deployment of effective and practical countermeasures to protect network infrastructures from the harm that cyber-attacks can cause. Hence, there is an absolute need to differentiate boundaries in personal information and cloud and fog computing globally and the adoption of specific information security policies and regulations. The goal of the security policy and framework for cloud and fog computing is to protect the end-users and their information, reduce task-based operations, aid in compliance, and create standards for expected user actions, all of which are based on the use of established rules for cloud computing. Moreover, intrusion detection systems are widely adopted solutions to monitor and analyze network traffic and detect anomalies that can help identify ongoing adversarial activities, trigger alerts, and automatically block traffic from hostile sources. This survey paper analyzes factors, including the application of technologies and techniques, which can enable the deployment of security policy on fog and cloud computing successfully. The paper focuses on a Software-as-a-Service (SaaS) and intrusion detection, which provides an effective and resilient system structure for users and organizations. Our survey aims to provide a framework for a cloud and fog computing security policy, while addressing the required security tools, policies, and services, particularly for cloud and fog environments for organizational adoption. While developing the essential linkage between requirements, legal aspects, analyzing techniques and systems to reduce intrusion detection, we recommend the strategies for cloud and fog computing security policies. The paper develops structured guidelines for ways in which organizations can adopt and audit the security of their systems as security is an essential component of their systems and presents an agile current state-of-the-art review of intrusion detection systems and their principles. Functionalities and techniques for developing these defense mechanisms are considered, along with concrete products utilized in operational systems. Finally, we discuss evaluation criteria and open-ended challenges in this area.

show abstract

“…Moreover, once the malicious events and the entropy values of the IP address and port address (layers 1-4 attacks) are detected, the authors implemented an anomaly mitigation technique using OF to drop the corresponding malicious traffic. In an earlier study, 91 the authors introduced an intrusion detection and prevention system (IDS/IPS) in order to mitigate malicious attacks. The suspicious activity is identified by deploying IDS and IPS at all the gateway nodes so that the SDN controller may block such malicious traffic from the control flow.…”

Section: Security In Dcnmentioning

confidence: 99%

A comprehensive survey on software‐defined networking for smart communities

Chaudhary

Aujla

Kumar

et al. 2022

Int J Communication

View full text Add to dashboard Cite

The need to provide services closer to the end-user proximity leads to the exchange of a large volume of data generated from the smart devices deployed at different geo-distributed sites. The massive amount of data generated from the smart devices need to be transmitted, analyzed, and processed. This requires seamless data exchanges among geo-separated nodes, which results in a considerable burden on the underlying network infrastructure and can degrade the performance of any implemented solution. Therefore, a dynamic, agile, and programmable network management paradigm is required. To handle the challenges mentioned above, software-defined networking (SDN) gained much attention from academia, researchers, and industrial sectors.Shifting the computational load from forwarding devices to a logically centralized controller is a dream of every network operator who wants to have complete control and global visibility of the network. Also, the concept of network functions virtualization (NFV) in SDN controller is required to increase resource utilization efficiency. Thus, in this paper, a comprehensive survey on SDN for various smart applications is presented. This survey covers the infrastructural details of SDN hardware and OpenFlow switches, controllers, simulation tools, programming languages, open issues, and challenges in SDN implementation with advanced technologies such as 5G and microservices. In addition, the challenges on the control plane and data plane are highlighted in detail, such as fault tolerance, routing, scheduling of flows, and energy consumption on OpenFlow switches. Finally, various open issues and challenges future scope of SDN are discussed and analyzed in the proposal.

show abstract

Detection as a service: An SDN application

Cited by 20 publications

References 10 publications

An Intelligent Defense and Filtration Platform for Network Traffic

An Intelligent Defense and Filtration Platform for Network Traffic

A Survey on Intrusion Detection Systems for Fog and Cloud Computing

A comprehensive survey on software‐defined networking for smart communities

Contact Info

Product

Resources

About