An Artificial Intelligence Resiliency System (ARS)

Security is one of the principle concerns confronting the improvement of new networking and communications systems. Another challenge is to verify network consistency, such that it is functioning precisely as planned. On the other hand, propels in Artificial Intelligence (AI) innovation are expected to play a key role in offensive and defensive measures to ensure a fast reaction to respond to the landscape of developing threats. Software Defined Networking (SDN), being centralized by design, offers a global perspective of the network. Adaptability and robustness are part of a package offered by programmable networking, which drove us to consider the integration between both AI and SDN. The hybrid security techniques, inspired by the fascinating tactics of the human immunity system, directed the design of our general hybrid Artificial Intelligence Resiliency System (ARS). ARS aims to strikes a good balance between centralized and distributed security techniques that may be applicable to various network environments. Another objective is to investigate and leverage the state-of-the-art AI techniques to enhance network performance in general and resiliency in particular. A second objective of ARS is network consistency verification as a resiliency measurement alongside our security system. Throughout this work we discuss a new architecture that integrates both, a multilayer layer security and consistency establishment techniques, while preserving data privacy. Our results show, on one hand, the architecture tests along with the accuracy of multiple AI techniques for both security layers, and on the other hand, the attack mitigation and consistency tests. Finally, we propose a new distributed AI based security enforcement technique based on a state-of-the-art distributed Neural Network overlay.

[1]  Naruemon Wattanapongsakorn,et al.  Network intrusion detection with Fuzzy Genetic Algorithm for unknown attacks , 2013, The International Conference on Information Networking 2013 (ICOIN).

[2]  Mohammed Moin Mulla,et al.  Detection of distributed denial of service attacks in software defined networks , 2016, 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[3]  Sunil Gupta,et al.  An effective model for anomaly IDS to improve the efficiency , 2015, 2015 International Conference on Green Computing and Internet of Things (ICGCIoT).

[4]  Chih-Fong Tsai,et al.  CANN: An intrusion detection system based on combining cluster centers and nearest neighbors , 2015, Knowl. Based Syst..

[5]  Anup K. Ghosh,et al.  A Study in Using Neural Networks for Anomaly and Misuse Detection , 1999, USENIX Security Symposium.

[6]  Martin A. Riedmiller,et al.  A direct adaptive method for faster backpropagation learning: the RPROP algorithm , 1993, IEEE International Conference on Neural Networks.

[7]  Rodrigo Braga,et al.  Lightweight DDoS flooding attack detection using NOX/OpenFlow , 2010, IEEE Local Computer Network Conference.

[8]  Shi-Jinn Horng,et al.  A novel intrusion detection system based on hierarchical clustering and support vector machines , 2011, Expert Syst. Appl..

[9]  Rung Ching Chen,et al.  Using Rough Set and Support Vector Machine for Network Intrusion Detection System , 2009, 2009 First Asian Conference on Intelligent Information and Database Systems.

[10]  Ahmad Y. Javaid,et al.  A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN) , 2016, EAI Endorsed Trans. Security Safety.

[11]  Ejaz Ahmed,et al.  Securing software defined networks: taxonomy, requirements, and open issues , 2015, IEEE Communications Magazine.

[12]  S. Srinoy,et al.  Anomaly-Based Intrusion Detection using Fuzzy Rough Clustering , 2006, 2006 International Conference on Hybrid Information Technology.

[13]  Wei Wu,et al.  Convergence of Gradient Descent Algorithm for a Recurrent Neuron , 2007, ISNN.

[14]  Ayman I. Kayssi,et al.  SDN verification plane for consistency establishment , 2016, 2016 IEEE Symposium on Computers and Communication (ISCC).

[15]  Aboul Ella Hassanien,et al.  Multi-layer hybrid machine learning techniques for anomalies detection and classification approach , 2013, 13th International Conference on Hybrid Intelligent Systems (HIS 2013).

[16]  Wei Li,et al.  Using Genetic Algorithm for Network Intrusion Detection , 2004 .

[17]  Kalamullah Ramli,et al.  Study on implementation of machine learning methods combination for improving attacks detection accuracy on Intrusion Detection System (IDS) , 2015, 2015 International Conference on Quality in Research (QiR).

[18]  Gabriel Maciá-Fernández,et al.  Anomaly-based network intrusion detection: Techniques, systems and challenges , 2009, Comput. Secur..

[19]  Wolfgang Kellerer,et al.  Towards adaptive state consistency in distributed SDN control plane , 2017, 2017 IEEE International Conference on Communications (ICC).

[20]  Robert C. Atkinson,et al.  Threat analysis of IoT networks using artificial neural network intrusion detection system , 2016, 2016 International Symposium on Networks, Computers and Communications (ISNCC).

[21]  Robert K. Cunningham,et al.  Improving Intrusion Detection Performance using Keyword Selection and Neural Networks , 2000, Recent Advances in Intrusion Detection.

[22]  Valentin Sgarciu,et al.  Anomaly Intrusions Detection Based on Support Vector Machines with an Improved Bat Algorithm , 2015, 2015 20th International Conference on Control Systems and Computer Science.

[23]  A. Anou,et al.  RETRACTED: A Bayesian Networks in Intrusion Detection Systems , 2007 .

[24]  F. Richard Yu,et al.  Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges , 2016, IEEE Communications Surveys & Tutorials.

[25]  Ashraf Matrawy,et al.  Adaptive consistency for distributed SDN controllers , 2016, 2016 17th International Telecommunications Network Strategy and Planning Symposium (Networks).

[26]  Sriyankar Acharyya,et al.  Ant Colony Optimization Technique Applied in Network Routing Problem , 2010 .

[27]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[28]  Ata Kabán,et al.  K-Nearest-Neighbours with a novel similarity measure for intrusion detection , 2013, 2013 13th UK Workshop on Computational Intelligence (UKCI).

[29]  James A. Mahaffey,et al.  Multiple Self-Organizing Maps for Intrusion Detection , 2000 .

[30]  Brighten Godfrey,et al.  VeriFlow: verifying network-wide invariants in real time , 2012, HotSDN '12.

[31]  Kwangjo Kim,et al.  Deep Learning in Intrusion Detection System: An Overview , 2016 .

[32]  Rakesh Bobba,et al.  Inter-flow consistency: A novel SDN update abstraction for supporting inter-flow constraints , 2015, 2015 IEEE Conference on Communications and Network Security (CNS).

[33]  Mamun Bin Ibne Reaz,et al.  A novel SVM-kNN-PSO ensemble method for intrusion detection system , 2016, Appl. Soft Comput..

[34]  Ayman I. Kayssi,et al.  Machine learning for network resilience: The start of a journey , 2018, 2018 Fifth International Conference on Software Defined Systems (SDS).

[35]  Ayman I. Kayssi,et al.  SDN Security Plane: An Architecture for Resilient Security Services , 2016, 2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW).

[36]  Timothy Wood,et al.  Firewall performance optimization using data mining techniques , 2013, 2013 9th International Wireless Communications and Mobile Computing Conference (IWCMC).

[37]  LiaoYihua Use of K-Nearest Neighbor classifier for intrusion detection11An earlier version of this paper is to appear in the Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, August 2002 , 2002 .

[38]  Andrei Vladyko,et al.  A fuzzy logic-based information security management for software-defined networks , 2014, 16th International Conference on Advanced Communication Technology.

[39]  Snehal A. Mulay,et al.  Intrusion Detection System using Support Vector Machine and Decision Tree , 2010 .

[40]  A. Kannan,et al.  Intrusion detection using optimal genetic feature selection and SVM based classifier , 2015, 2015 3rd International Conference on Signal Processing, Communication and Networking (ICSCN).

[41]  V. Rao Vemuri,et al.  Use of K-Nearest Neighbor classifier for intrusion detection , 2002, Comput. Secur..

[42]  Dong Seong Kim,et al.  Building Lightweight Intrusion Detection System Based on Random Forest , 2006, ISNN.

[43]  Michael Schapira,et al.  VeriCon: towards verifying controller programs in software-defined networks , 2014, PLDI.

[44]  Mohammad Zulkernine,et al.  Network Intrusion Detection using Random Forests , 2005, PST.

[45]  Ali A. Ghorbani,et al.  Toward Generating a New Intrusion Detection Dataset and Intrusion Traffic Characterization , 2018, ICISSP.

[46]  Andrew H. Sung,et al.  Modeling intrusion detection systems using linear genetic programming approach , 2004 .

[47]  Shaik Akbar,et al.  Improving network security using machine learning techniques , 2012, 2012 IEEE International Conference on Computational Intelligence and Computing Research.

[48]  Azer Bestavros,et al.  A Verification Platform for SDN-Enabled Applications , 2014, 2014 IEEE International Conference on Cloud Engineering.

[49]  Manas Ranjan Patra,et al.  NETWORK INTRUSION DETECTION USING NAÏVE BAYES , 2007 .

[50]  Mohammad Zulkernine,et al.  A hybrid network intrusion detection technique using random forests , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[51]  Roy H. Campbell,et al.  Inter-Flow Consistency: Novel SDN Update Abstraction for Supporting Inter-Flow Constraints , 2015 .

[52]  Mansoor Alam,et al.  A Deep Learning Approach for Network Intrusion Detection System , 2016, EAI Endorsed Trans. Security Safety.