Software Defined Security Architecture with Deep Learning-Based Network Anomaly Detection Module

With the development of the Internet, the network attack technology has undergone tremendous changes. The forms of network attack and defense have also changed, which are features in attacks are becoming more diverse, attacks are more widespread and traditional security protection methods are invalid. In recent years, with the development of software defined security, network anomaly detection technology and big data technology, these challenges have been effectively addressed. This paper proposes a data-driven software defined security architecture with core features including data-driven orchestration engine, scalable network anomaly detection module and security data platform. Based on the construction of the analysis layer in the security data platform, real-time online detection of network data can be realized by integrating network anomaly detection module and security data platform under software defined security architecture. Then, data-driven security business orchestration can be realized to achieve efficient, real-time and dynamic response to detected anomalies. Meanwhile, this paper designs a deep learning-based HTTP anomaly detection algorithm module and integrates it with data-driven software defined security architecture so that demonstrating the flow of the whole system.

[1]  Samrat Kumar Dey,et al.  Flow Based Anomaly Detection in Software Defined Networking: A Deep Learning Approach With Feature Selection Method , 2018, 2018 4th International Conference on Electrical Engineering and Information & Communication Technology (iCEEiCT).

[2]  Naveen K. Chilamkurti,et al.  Survey on SDN based network intrusion detection system using machine learning approaches , 2018, Peer-to-Peer Networking and Applications.

[3]  Jun Yang,et al.  Payload-Based Web Attack Detection Using Deep Neural Network , 2017, BWCCA.

[4]  Jinoh Kim,et al.  A survey of deep learning-based network anomaly detection , 2017, Cluster Computing.

[5]  Ivan Letteri,et al.  Botnet Detection in Software Defined Networks by Deep Learning Techniques , 2018, CSS.

[6]  Guannan Liu,et al.  Attention-Based Bi-LSTM Model for Anomalous HTTP Traffic Detection , 2018, 2018 15th International Conference on Service Systems and Service Management (ICSSSM).

[7]  Dieter Hogrefe,et al.  Poster abstract: Streamlined anomaly detection in web requests using recurrent neural networks , 2017, 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[8]  Mounir Ghogho,et al.  Deep learning approach for Network Intrusion Detection in Software Defined Networking , 2016, 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM).

[9]  Surendra Byna,et al.  SDS: a framework for scientific data services , 2013, PDSW@SC.