SDN-GAN: Generative Adversarial Deep NNs for Synthesizing Cyber Attacks on Software Defined Networks

The recent evolution in programmable networks such as SDN opens the possibility to control networks using software controllers. However, such networks are vulnerable to attacks that occur in traditional networks. Several techniques are proposed to handle the security vulnerabilities in SDNs. However, it is challenging to create attack signatures, scenarios, or even intrusion detection rules that are applicable to SDN dynamic environments. Generative Adversarial Deep Neural Networks automates the generation of realistic data in a semi supervised manner. This paper describes an approach that generates synthetic attacks that can target SDNs. It can be used to train SDNs to detect different attack variations. It is based on the most recent OpenFlow models/algorithms and it utilizes similarity with known attack patterns to identify attacks. Such synthesized variations of attack signatures are shown to attack SDNs using adversarial approaches.

[1]  Otto Carlos Muniz Bandeira Duarte,et al.  Providing elasticity to intrusion detection systems in virtualized Software Defined Networks , 2015, 2015 IEEE International Conference on Communications (ICC).

[2]  Dianxiang Xu,et al.  Security of Software Defined Networks: A survey , 2015, Comput. Secur..

[3]  Salvatore J. Stolfo,et al.  Cost-based modeling for fraud and intrusion detection: results from the JAM project , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[4]  Sajad Shirali-Shahreza,et al.  Efficient Implementation of Security Applications in OpenFlow Controller with FleXam , 2013, 2013 IEEE 21st Annual Symposium on High-Performance Interconnects.

[5]  JongWon Kim,et al.  Scalable network intrusion detection on virtual SDN environment , 2014, 2014 IEEE 3rd International Conference on Cloud Networking (CloudNet).

[6]  Tao Ding,et al.  Multi-granular aggregation of network flows for security analysis , 2015, 2015 IEEE International Conference on Intelligence and Security Informatics (ISI).

[7]  Azer Bestavros,et al.  Software-Defined IDS for securing embedded mobile devices , 2013, 2013 IEEE High Performance Extreme Computing Conference (HPEC).

[8]  Akihiro Nakao,et al.  GENI: A federated testbed for innovative network experiments , 2014, Comput. Networks.

[9]  Fernando M. V. Ramos,et al.  Software-Defined Networking: A Comprehensive Survey , 2014, Proceedings of the IEEE.

[10]  Dijiang Huang,et al.  NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems , 2013, IEEE Transactions on Dependable and Secure Computing.

[11]  Izzat Alsmadi The integration of access control levels based on SDN , 2016, Int. J. High Perform. Comput. Netw..

[12]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[13]  Alessandro Margara,et al.  Processing flows of information: From data stream to complex event processing , 2012, CSUR.

[14]  Zhi Xue,et al.  IDSGAN: Generative Adversarial Networks for Attack Generation against Intrusion Detection , 2018, PAKDD.

[15]  Dijiang Huang,et al.  Non-intrusive process-based monitoring system to mitigate and prevent VM vulnerability explorations , 2013, 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing.

[16]  Izzat Alsmadi,et al.  Identifying DoS attacks on software defined networks: A relation context approach , 2016, NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium.