Evaluation of Machine Learning Techniques for Security in SDN

Ahnaf Ahmad; Erkki Harjula; Mika Ylianttila; Ijaz Ahmad

doi:10.1109/GCWkshps50303.2020.9367477

Evaluation of Machine Learning Techniques for Security in SDN

Ahnaf Ahmad, Erkki Harjula, Mika Ylianttila, Ijaz Ahmad

BA6402 5G and beyond networks

University of Oulu

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

16 Citations (Scopus)

Abstract

Software Defined Networking (SDN) has emerged as the most viable programmable network architecture to solve many challenges in legacy networks. SDN separates the network control plane from the data forwarding plane and logically centralizes the network control plane. The logically centralized control improves network management through global visibility of the network state. However, centralized control opens doors to security challenges. The SDN control platforms became the most attractive venues for Denial of Service (DoS) and Distributed DoS (DDoS) attacks. Due to the success and inevitable benefits of Machine Learning (ML) in fingerprinting security vulnerabilities, this article proposes and evaluates ML techniques to counter DoS and DDoS attacks in SDN. The ML techniques are evaluated in a practical setup where the SDN controller is exposed to DDoS attacks to draw important conclusions for ML-based security of future communication networks.

Original language	English
Title of host publication	2020 IEEE Globecom Workshops, GC Wkshps 2020 - Proceedings
Subtitle of host publication	GC 2020 Workshop - SecSDN
Publisher	IEEE Institute of Electrical and Electronic Engineers
ISBN (Electronic)	978-1-7281-7307-8
ISBN (Print)	978-1-7281-7308-5
DOIs	https://doi.org/10.1109/GCWkshps50303.2020.9367477
Publication status	Published - Dec 2020
MoE publication type	A4 Article in a conference publication
Event	IEEE Global Communications Conference, GLOBECOM 2020: Online - Virtual, Taipei, Taiwan, Province of China Duration: 7 Dec 2020 → 11 Dec 2020

Conference

Conference	IEEE Global Communications Conference, GLOBECOM 2020
Country/Territory	Taiwan, Province of China
City	Taipei
Period	7/12/20 → 11/12/20

Keywords

SDN
security
IDS
DDoS
machine learning
security in SDN

Access to Document

10.1109/GCWkshps50303.2020.9367477

Cite this

@inproceedings{5c7cd9d1334d438c9d68d3dd4e5227de,

title = "Evaluation of Machine Learning Techniques for Security in SDN",

abstract = "Software Defined Networking (SDN) has emerged as the most viable programmable network architecture to solve many challenges in legacy networks. SDN separates the network control plane from the data forwarding plane and logically centralizes the network control plane. The logically centralized control improves network management through global visibility of the network state. However, centralized control opens doors to security challenges. The SDN control platforms became the most attractive venues for Denial of Service (DoS) and Distributed DoS (DDoS) attacks. Due to the success and inevitable benefits of Machine Learning (ML) in fingerprinting security vulnerabilities, this article proposes and evaluates ML techniques to counter DoS and DDoS attacks in SDN. The ML techniques are evaluated in a practical setup where the SDN controller is exposed to DDoS attacks to draw important conclusions for ML-based security of future communication networks.",

keywords = "SDN, security, IDS, DDoS, machine learning, security in SDN",

author = "Ahnaf Ahmad and Erkki Harjula and Mika Ylianttila and Ijaz Ahmad",

note = "Funding Information: This work has been supported by TEKES Finland and Academy of Finland under projects: 6Genesis Flag-ship (grant 318927), and 5GEAR (Grant No. 319669) projects, and SecureConnect. Publisher Copyright: {\textcopyright} 2020 IEEE.; IEEE Global Communications Conference, GLOBECOM 2020 : Online ; Conference date: 07-12-2020 Through 11-12-2020",

year = "2020",

month = dec,

doi = "10.1109/GCWkshps50303.2020.9367477",

language = "English",

isbn = "978-1-7281-7308-5",

booktitle = "2020 IEEE Globecom Workshops, GC Wkshps 2020 - Proceedings",

publisher = "IEEE Institute of Electrical and Electronic Engineers",

address = "United States",

}

Ahmad, A, Harjula, E, Ylianttila, M & Ahmad, I 2020, Evaluation of Machine Learning Techniques for Security in SDN. in 2020 IEEE Globecom Workshops, GC Wkshps 2020 - Proceedings: GC 2020 Workshop - SecSDN., 367477, IEEE Institute of Electrical and Electronic Engineers, IEEE Global Communications Conference, GLOBECOM 2020, Taipei, Taiwan, Province of China, 7/12/20. https://doi.org/10.1109/GCWkshps50303.2020.9367477

Evaluation of Machine Learning Techniques for Security in SDN. / Ahmad, Ahnaf; Harjula, Erkki; Ylianttila, Mika et al.

2020 IEEE Globecom Workshops, GC Wkshps 2020 - Proceedings: GC 2020 Workshop - SecSDN. IEEE Institute of Electrical and Electronic Engineers, 2020. 367477.

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Evaluation of Machine Learning Techniques for Security in SDN

AU - Ahmad, Ahnaf

AU - Harjula, Erkki

AU - Ylianttila, Mika

AU - Ahmad, Ijaz

N1 - Funding Information: This work has been supported by TEKES Finland and Academy of Finland under projects: 6Genesis Flag-ship (grant 318927), and 5GEAR (Grant No. 319669) projects, and SecureConnect. Publisher Copyright: © 2020 IEEE.

PY - 2020/12

Y1 - 2020/12

N2 - Software Defined Networking (SDN) has emerged as the most viable programmable network architecture to solve many challenges in legacy networks. SDN separates the network control plane from the data forwarding plane and logically centralizes the network control plane. The logically centralized control improves network management through global visibility of the network state. However, centralized control opens doors to security challenges. The SDN control platforms became the most attractive venues for Denial of Service (DoS) and Distributed DoS (DDoS) attacks. Due to the success and inevitable benefits of Machine Learning (ML) in fingerprinting security vulnerabilities, this article proposes and evaluates ML techniques to counter DoS and DDoS attacks in SDN. The ML techniques are evaluated in a practical setup where the SDN controller is exposed to DDoS attacks to draw important conclusions for ML-based security of future communication networks.

AB - Software Defined Networking (SDN) has emerged as the most viable programmable network architecture to solve many challenges in legacy networks. SDN separates the network control plane from the data forwarding plane and logically centralizes the network control plane. The logically centralized control improves network management through global visibility of the network state. However, centralized control opens doors to security challenges. The SDN control platforms became the most attractive venues for Denial of Service (DoS) and Distributed DoS (DDoS) attacks. Due to the success and inevitable benefits of Machine Learning (ML) in fingerprinting security vulnerabilities, this article proposes and evaluates ML techniques to counter DoS and DDoS attacks in SDN. The ML techniques are evaluated in a practical setup where the SDN controller is exposed to DDoS attacks to draw important conclusions for ML-based security of future communication networks.

KW - SDN

KW - security

KW - IDS

KW - DDoS

KW - machine learning

KW - security in SDN

UR - http://www.scopus.com/inward/record.url?scp=85102951615&partnerID=8YFLogxK

U2 - 10.1109/GCWkshps50303.2020.9367477

DO - 10.1109/GCWkshps50303.2020.9367477

M3 - Conference article in proceedings

SN - 978-1-7281-7308-5

BT - 2020 IEEE Globecom Workshops, GC Wkshps 2020 - Proceedings

PB - IEEE Institute of Electrical and Electronic Engineers

T2 - IEEE Global Communications Conference, GLOBECOM 2020

Y2 - 7 December 2020 through 11 December 2020

ER -

Evaluation of Machine Learning Techniques for Security in SDN

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this