A Detection Method for Anomaly Flow in Software Defined Network

As a new type of network structure, the Software Defined Network (SDN) provides a new solution for network flow management and optimization, which has made the accurate detection of anomalous SDN flows a hot research topic. This paper presents an SDN-based flow detection method, builds structures for detecting anomalous SDN flows, and classifies the flows using the double P-value of the transductive confidence machines for K-nearest neighbors (TCM-KNN) algorithm. The experimental results show that the proposed algorithm achieves a lower false positive rate, higher precision, and better adaptation to the SDN environment than other algorithms of the same type.
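
A sketch of TCM-KNN classification with one p-value per class, added here as an illustration and not taken from the paper. The two flow features, the sample values, `k=3`, and the decision rule (pick the label with the larger p-value) are assumptions; the abstract does not specify the paper's exact "double P-value" procedure.

```python
import math

# Constructed sample: (normalized packet rate, normalized share of new destinations).
TRAIN = [((0.10, 0.20), "normal"), ((0.15, 0.25), "normal"), ((0.20, 0.15), "normal"),
         ((0.25, 0.20), "normal"), ((0.18, 0.22), "normal"),
         ((0.80, 0.90), "anomaly"), ((0.85, 0.85), "anomaly"), ((0.90, 0.80), "anomaly"),
         ((0.75, 0.88), "anomaly"), ((0.82, 0.92), "anomaly")]

def knn_sum(x, points, k):
    """Sum of the k smallest Euclidean distances from x to points."""
    return sum(sorted(math.dist(x, p) for p in points)[:k])

def strangeness(x, label, train, k, skip=None):
    """Ratio of k-NN distance to the hypothesised class over k-NN distance to the rest."""
    same = [p for i, (p, y) in enumerate(train) if y == label and i != skip]
    other = [p for p, y in train if y != label]
    denom = knn_sum(x, other, k)
    return knn_sum(x, same, k) / denom if denom > 0 else math.inf

def p_values(x, train=TRAIN, k=3):
    """One p-value per label: how typical x's strangeness is among the training flows."""
    # Simplification: training strangeness is not recomputed with x added to the set.
    alphas = [strangeness(p, y, train, k, skip=i) for i, (p, y) in enumerate(train)]
    result = {}
    for label in sorted({y for _, y in train}):
        a_new = strangeness(x, label, train, k)
        result[label] = (sum(a >= a_new for a in alphas) + 1) / (len(alphas) + 1)
    return result

def classify(x, train=TRAIN, k=3):
    """Assumed decision rule: pick the label with the larger p-value."""
    p = p_values(x, train, k)
    ranked = sorted(p, key=p.get, reverse=True)
    return ranked[0], 1.0 - p[ranked[1]]  # (label, confidence)

if __name__ == "__main__":
    for flow in [(0.17, 0.21), (0.83, 0.87)]:
        print(flow, p_values(flow), classify(flow))
```

A flow that is strange under both hypotheses gets two low p-values, which is the case a single-class p-value test cannot distinguish from a plain anomaly.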
