Towards a Machine Learning Based Situational Awareness Framework for Cybersecurity: An SDN Implementation

Nikoloudakis, Yannis; Kefaloukos, Ioannis; Stylianos, Klados; Panagiotakis, Spyros; Pallis, Evangelos; Skianis, Charalabos; Markakis, Evangelos K.

doi:10.3390/s21144939

Cited by 37 publications

(15 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The control layer is responsible for the generation and distribution of all forwarding logic. The author of [23] presented a machine learning powered SDN work. Therefore, this paper implements the model layer on the control plane of the software defined network.…”

Section: Sdn and Nfvmentioning

confidence: 99%

Security Service Function Chain Based on Graph Neural Network

Wang

Zhang

et al. 2022

Information

View full text Add to dashboard Cite

With the rapid development and wide application of cloud computing, security protection in cloud environment has become an urgent problem to be solved. However, traditional security service equipment is closely coupled with the network topology, so it is difficult to upgrade and expand the security service, which cannot change with the change of network application security requirements. Building a security service function chain (SSFC) makes the deployment of security service functions more dynamic and scalable. Based on a software defined network (SDN) and network function virtualization (NFV) environment, this paper proposes a solution to the particularity optimization algorithm of network topology feature extraction using graph neural network. The experimental results show that, compared with the shortest path, greedy algorithm and hybrid bee colony algorithm, the average success rate of the graph neural network algorithm in the construction of the security service function chain is more than 90%, far more than other algorithms, and far less than other algorithms in construction time. It effectively reduces the end-to-end delay and increases the network throughput.

show abstract

Section: Sdn and Nfvmentioning

confidence: 99%

Security Service Function Chain Based on Graph Neural Network

Wang

Zhang

et al. 2022

Information

View full text Add to dashboard Cite

show abstract

“…Mengtian Liu [8] analyzed the security requirements of SDN networks and proposed an SDN staged network situational awareness model including six stages of information collection, information preprocessing, information storage, information fusion, situational assessment, and administrator feedback configuration by combining the characteristics of SDN network architecture. Yannis Nikoloudakis [9] used an SDN controller to assign the entity to the appropriate network connection piece, dynamically slice the network using flow rules, and test the underlying SDN architecture with Machine Learning(ML) based IDS, all of which improved the accuracy of the evaluation and prediction results. From a logical level, Yan Li [10] investigates the present framework of network security situational awareness, which is organized into five stages: data collecting, model abstraction, index establishment, solution analysis, and situation prediction.…”

Section: Related Workmentioning

confidence: 99%

Network Situation Assessment Method Based on Improved BP Neural Network

Yao

et al. 2022

Preprint

View full text Add to dashboard Cite

The wide application of the Internet and the use of various network devices make the existing network scale increasingly complex, and the hidden dangers of various network security incidents are gradually exposed. Software Defined Network (SDN) brings potential security risks and challenges while changing the underlying network structure. In this paper, a situation assessment model based on SDN network is proposed by summarizing the important indicators and parameters of SDN. Then, the situational factors are mapped to the layers of the neural network, and the weights and thresholds of the back propagation(BP) neural network are optimized by the improved algorithm to obtain the global optimal solution. Finally, the purpose of situation assessment and comprehensive rating of the SDN network is realized. The experimental results show that the situation assessment method proposed in this paper has good effect and high accuracy, which provides a better basis for the next situation prediction.

show abstract

“…Nikoloudakis et al [15] proposed a machine learning-based solution for an Intrusion Detection System using a Software Defined Networking (SDN). Their approach "detects existing and newly introduced network-enabled entities, utilizing the real-time awareness feature provided by the SDN paradigm, assesses them against known vulnerabilities, and assigns them to a connectivity-appropriate network slice" [15]. While this work is shown to work with Identify, Protect, and Detect vulnerabilities, they are for the individual entities, while our solution is for an entire system of entities or components.…”

Section: Related Workmentioning

confidence: 99%

VERCASM-CPS: Vulnerability Analysis and Cyber Risk Assessment for Cyber-Physical Systems

et al. 2021

View full text Add to dashboard Cite

Since Cyber-Physical Systems (CPS) are widely used in critical infrastructures, it is essential to protect their assets from cyber attacks to increase the level of security, safety and trustworthiness, prevent failure developments, and minimize losses. It is necessary to analyze the CPS configuration in an automatic mode to detect the most vulnerable CPS components and reconfigure or replace them promptly. In this paper, we present a methodology to determine the most secure CPS configuration by using a public database of cyber vulnerabilities to identify the most secure CPS components. We also integrate the CPS cyber risk analysis with a Controlled Moving Target Defense, which either replaces the vulnerable CPS components or re-configures the CPS to harden it, while the vulnerable components are being replaced. Our solution helps to design a more secure CPS by updating the configuration of existing CPS to make them more resilient against cyber attacks. In this paper, we will compare cyber risk scores for different CPS configurations and show that the Windows® 10 build 20H2 operating system is more secure than Linux Ubuntu® 20.04, while Red Hat® Enterprise® Linux is the most secure in some system configurations.

show abstract

Towards a Machine Learning Based Situational Awareness Framework for Cybersecurity: An SDN Implementation

Cited by 37 publications

References 29 publications

Security Service Function Chain Based on Graph Neural Network

Security Service Function Chain Based on Graph Neural Network

Network Situation Assessment Method Based on Improved BP Neural Network

VERCASM-CPS: Vulnerability Analysis and Cyber Risk Assessment for Cyber-Physical Systems

Contact Info

Product

Resources

About