Software-Defined Networks (SDN) is an emerging area that promises to change the way we design, build, and operate network architecture. It tends to shift from traditional network architecture of proprietary based to open and programmable network architecture. However, this new innovative and improved technology also brings another security burden into the network architecture, with existing and emerging security threats. The network vulnerability has become more open to intruders: the focus is now shifted to a single point of failure where the central controller is a prime target. Therefore, integration of intrusion detection system (IDS) into the SDN architecture is essential to provide a network with attack countermeasure. The work designed and developed a virtual testbed that simulates the processes of the real network environment, where a star topology is created with hosts and servers connected to the OpenFlow OVS-switch. Signature-based Snort IDS is deployed for traffic monitoring and attack detection, by mirroring the traffic destine to the servers. The vulnerability assessment shows possible attacks threat exist in the network architecture and effectively contain by Snort IDS except for the few which the suggestion is made for possible mitigation. In order to provide scalable threat detection in the architecture, a flow-based IDS model is developed. A flow-based anomaly detection is implemented with machine learning to overcome the limitation of signature-based IDS. The results show positive improvement for detection of almost all the possible attacks in SDN environment with our pattern recognition of neural network for machine learning using our trained model with over 97% accuracy.
[1]
Babak Fakhim,et al.
Predicting the Impact of Multiwalled Carbon Nanotubes on the Cement Hydration Products and Durability of Cementitious Matrix Using Artificial Neural Network Modeling Technique
,
2013,
TheScientificWorldJournal.
[2]
Sakir Sezer,et al.
A Survey of Security in Software Defined Networks
,
2016,
IEEE Communications Surveys & Tutorials.
[3]
Mounir Ghogho,et al.
Deep learning approach for Network Intrusion Detection in Software Defined Networking
,
2016,
2016 International Conference on Wireless Networks and Mobile Communications (WINCOM).
[4]
Fernando M. V. Ramos,et al.
Software-Defined Networking: A Comprehensive Survey
,
2014,
Proceedings of the IEEE.
[5]
Ali A. Ghorbani,et al.
A detailed analysis of the KDD CUP 99 data set
,
2009,
2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.
[6]
Kevin Benton,et al.
OpenFlow vulnerability assessment
,
2013,
HotSDN '13.
[7]
Sakir Sezer,et al.
Intrusion Detection Systems for Critical Infrastructure
,
2014
.
[8]
Sakir Sezer,et al.
Queen ' s University Belfast-Research Portal Are We Ready for SDN ? Implementation Challenges for Software-Defined Networks
,
2016
.