Host independent and distributed detection system of the network attack by using OpenFlow

Ryosuke Miyazaki, Junpei Kawamoto, Shinichi Matsumoto, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Recently, there are many types of cyber attacks and we should detect as many types as possible. In order to detect a wide variety of attacks, a completely distributed multi-agent system is proposed. However, it requires software installation on all hosts. The lack of resources also makes it hard to introduce the system to the devices. In this paper, we design a distributed defense algorithm employing a multi-agent system. However, it is hard to detect wide and shallow attacks such as a horizontal portscan if the system is completely distributed. Therefore, we need to watch the whole network in order to detect such attacks. Here, it is proposed to combine the system with OpenFlow, which is suitable for having an overall network view. In general, however, OpenFlow has a central control system which is not scalable. Thus, we also propose to use several OpenFlow controllers and share information among them. By sharing information, we show that it is possible to detect a horizontal portscan.

Original language: English
Title of host publication: 31st International Conference on Information Networking, ICOIN 2017
Publisher: IEEE Computer Society
Pages: 236-241
Number of pages: 6
ISBN (Electronic): 9781509051243
DOIs: https://doi.org/10.1109/ICOIN.2017.7899511
Publication status: Published - Apr 13 2017
Event: 31st International Conference on Information Networking, ICOIN 2017 - Da Nang, Viet Nam
Duration: Jan 11 2017 to Jan 13 2017

Publication series

Name: International Conference on Information Networking
ISSN (Print): 1976-7684

Other

Other: 31st International Conference on Information Networking, ICOIN 2017
Country: Viet Nam
City: Da Nang
Period: 1/11/17 to 1/13/17

Fingerprint

Multi agent systems
Control systems
Controllers

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems

Cite this

Miyazaki, R., Kawamoto, J., Matsumoto, S., & Sakurai, K. (2017). Host independent and distributed detection system of the network attack by using OpenFlow. In 31st International Conference on Information Networking, ICOIN 2017 (pp. 236-241). [7899511] (International Conference on Information Networking). IEEE Computer Society. https://doi.org/10.1109/ICOIN.2017.7899511

Host independent and distributed detection system of the network attack by using OpenFlow. / Miyazaki, Ryosuke; Kawamoto, Junpei; Matsumoto, Shinichi; Sakurai, Kouichi.

31st International Conference on Information Networking, ICOIN 2017. IEEE Computer Society, 2017. p. 236-241 7899511 (International Conference on Information Networking).

Miyazaki, R, Kawamoto, J, Matsumoto, S & Sakurai, K 2017, Host independent and distributed detection system of the network attack by using OpenFlow. in 31st International Conference on Information Networking, ICOIN 2017., 7899511, International Conference on Information Networking, IEEE Computer Society, pp. 236-241, 31st International Conference on Information Networking, ICOIN 2017, Da Nang, Viet Nam, 1/11/17. https://doi.org/10.1109/ICOIN.2017.7899511
Miyazaki R, Kawamoto J, Matsumoto S, Sakurai K. Host independent and distributed detection system of the network attack by using OpenFlow. In 31st International Conference on Information Networking, ICOIN 2017. IEEE Computer Society. 2017. p. 236-241. 7899511. (International Conference on Information Networking). https://doi.org/10.1109/ICOIN.2017.7899511
Miyazaki, Ryosuke ; Kawamoto, Junpei ; Matsumoto, Shinichi ; Sakurai, Kouichi. / Host independent and distributed detection system of the network attack by using OpenFlow. 31st International Conference on Information Networking, ICOIN 2017. IEEE Computer Society, 2017. pp. 236-241 (International Conference on Information Networking).
@inproceedings{864f7c9be962466187691158a678ecd0,
title = "Host independent and distributed detection system of the network attack by using OpenFlow",
abstract = "Recently, there are many types of cyber attacks and we should detect as many types as possible. In order to detect a wide variety of attacks, a completely distributed multi-agent system is proposed. However, it requires software installation on all hosts. The lack of resources also makes it hard to introduce the system to the devices. In this paper, we design a distributed defense algorithm employing a multi-agent system. However, it is hard to detect wide and shallow attacks such as a horizontal portscan if the system is completely distributed. Therefore, we need to watch the whole network in order to detect such attacks. Here, it is proposed to combine the system with OpenFlow, which is suitable for having an overall network view. In general, however, OpenFlow has a central control system which is not scalable. Thus, we also propose to use several OpenFlow controllers and share information among them. By sharing information, we show that it is possible to detect a horizontal portscan.",
author = "Ryosuke Miyazaki and Junpei Kawamoto and Shinichi Matsumoto and Kouichi Sakurai",
year = "2017",
month = "4",
day = "13",
doi = "10.1109/ICOIN.2017.7899511",
language = "English",
series = "International Conference on Information Networking",
publisher = "IEEE Computer Society",
pages = "236--241",
booktitle = "31st International Conference on Information Networking, ICOIN 2017",
address = "United States",

}

TY - GEN
T1 - Host independent and distributed detection system of the network attack by using OpenFlow
AU - Miyazaki, Ryosuke
AU - Kawamoto, Junpei
AU - Matsumoto, Shinichi
AU - Sakurai, Kouichi
PY - 2017/4/13
Y1 - 2017/4/13
N2 - Recently, there are many types of cyber attacks and we should detect as many types as possible. In order to detect a wide variety of attacks, a completely distributed multi-agent system is proposed. However, it requires software installation on all hosts. The lack of resources also makes it hard to introduce the system to the devices. In this paper, we design a distributed defense algorithm employing a multi-agent system. However, it is hard to detect wide and shallow attacks such as a horizontal portscan if the system is completely distributed. Therefore, we need to watch the whole network in order to detect such attacks. Here, it is proposed to combine the system with OpenFlow, which is suitable for having an overall network view. In general, however, OpenFlow has a central control system which is not scalable. Thus, we also propose to use several OpenFlow controllers and share information among them. By sharing information, we show that it is possible to detect a horizontal portscan.
AB - Recently, there are many types of cyber attacks and we should detect as many types as possible. In order to detect a wide variety of attacks, a completely distributed multi-agent system is proposed. However, it requires software installation on all hosts. The lack of resources also makes it hard to introduce the system to the devices. In this paper, we design a distributed defense algorithm employing a multi-agent system. However, it is hard to detect wide and shallow attacks such as a horizontal portscan if the system is completely distributed. Therefore, we need to watch the whole network in order to detect such attacks. Here, it is proposed to combine the system with OpenFlow, which is suitable for having an overall network view. In general, however, OpenFlow has a central control system which is not scalable. Thus, we also propose to use several OpenFlow controllers and share information among them. By sharing information, we show that it is possible to detect a horizontal portscan.
UR - http://www.scopus.com/inward/record.url?scp=85018301683&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85018301683&partnerID=8YFLogxK
U2 - 10.1109/ICOIN.2017.7899511
DO - 10.1109/ICOIN.2017.7899511
M3 - Conference contribution
AN - SCOPUS:85018301683
T3 - International Conference on Information Networking
SP - 236
EP - 241
BT - 31st International Conference on Information Networking, ICOIN 2017
PB - IEEE Computer Society
ER -