Detecting distributed cyber attacks in SDN based on automatic thresholding

Ryousuke Komiya, Yaokai Feng, Kouichi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

1 被引用数 (Scopus)

抄録

Distributed Cyber Attack launched from many hosts simultaneously has become one of the most sophisticated and the most dangerous attacks in the cyber world including the traditional Internet and the SDN (Software Defined Networking) environments. As a kind of centralized network environment, the SDN has been greatly developed and popularized in recent years, especially in cloud systems. Thus, how to efficiently detect distributed attacks in SDN environments has attracted great attentions in academia and industry and various researches have been done to counter such attacks. The latest related researches made attempts to exploit the information of the PacketIn packets collected in the SDN controller and those methods proved efficient for detecting distributed cyber attacks in SDN environments. However, such methods adopted a threshold for distinguishing between attacks and normal situations. The threshold must be properly determined manually in advance, which is not easy in many applications even for experts. In this study, we try to automatically extract a proper threshold from the historical data of the monitored SDN environment so that the difficult parameter-tuning (determination of the threshold) process can be removed. In addition, because the extracted threshold can well reflect the actual situations of the monitored environment, a better detection performance than the existing approaches can be expected. The detection performance of our proposal is also tested using real traffic data.

本文言語英語
ホスト出版物のタイトルProceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018
出版社Institute of Electrical and Electronics Engineers Inc.
ページ417-423
ページ数7
ISBN(電子版)9781538691847
DOI
出版ステータス出版済み - 12 26 2018
イベント6th International Symposium on Computing and Networking Workshops, CANDARW 2018 - Takayama, 日本
継続期間: 11 27 201811 30 2018

出版物シリーズ

名前Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018

会議

会議6th International Symposium on Computing and Networking Workshops, CANDARW 2018
国/地域日本
CityTakayama
Period11/27/1811/30/18

All Science Journal Classification (ASJC) codes

  • コンピュータ ネットワークおよび通信
  • ハードウェアとアーキテクチャ
  • 統計学、確率および不確実性
  • コンピュータ サイエンスの応用

フィンガープリント

「Detecting distributed cyber attacks in SDN based on automatic thresholding」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル