Towards Prediction of Security Attacks on Software Defined Networks: A Big Data Analytic Approach

Emre Unal; Sonali Sen-Baidya; Rattikorn Hewett

doi:10.1109/BigData.2018.8622524

Towards Prediction of Security Attacks on Software Defined Networks: A Big Data Analytic Approach

Emre Unal, Sonali Sen-Baidya, Rattikorn Hewett

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

Cyber-physical systems (CPS) tightly integrate physical and computing processes by monitoring and control data interacting between them via underlying networks. Software Defined Network (SDN) Technology has increasingly become essential in many advanced computer networks, including those in modern CPS, to provide flexible and agile network development. Despite many benefits that SDN offers, malicious attacks that can eventually prevent network services are unavoidable. Among the most predominant attacks on SDN controller layer, Link Discovery Attack and ARP (Address Resolution Protocol) Spoofing Attack are fundamental in that they are the gateways of many other SDN threats and attacks. To defend these attacks, most existing techniques either rely on relatively complex data validation techniques or use thresholds that can be subjective and unable to detect more than one type of attacks at a time if one deciding factor is used. While Big data technology, particularly machine learning, has been widely used for intrusion/anomaly detection, little has been done in SDN. This paper explores how well this technology can be used to predict these SDN attacks. By employing typical machine learning algorithms on simulated data of routing in SDN when attacks occur, preliminary results, obtained from four machine learning models, show the average area under ROC curve of over 96% and 92% for sample size 50,970 (12 switches) and 60,000 (20 switches), respectively. Further experiments show near-linear scaling in training time for the best performing algorithm when sample size grows up to 100,000.

Original language	English
Title of host publication	Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018
Editors	Yang Song, Bing Liu, Kisung Lee, Naoki Abe, Calton Pu, Mu Qiao, Nesreen Ahmed, Donald Kossmann, Jeffrey Saltz, Jiliang Tang, Jingrui He, Huan Liu, Xiaohua Hu
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	4582-4588
Number of pages	7
ISBN (Electronic)	9781538650356
DOIs	https://doi.org/10.1109/BigData.2018.8622524
State	Published - Jan 22 2019
Event	2018 IEEE International Conference on Big Data, Big Data 2018 - Seattle, United States Duration: Dec 10 2018 → Dec 13 2018

Publication series

Name	Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018

Conference

Conference	2018 IEEE International Conference on Big Data, Big Data 2018
Country	United States
City	Seattle
Period	12/10/18 → 12/13/18

Keywords

ARP Spoofing attack
Data Analytic Applications
Link Discovery attack
Machine Learning
SDN-specific security
Software-Defined Networking

Access to Document

10.1109/BigData.2018.8622524

Link to publication in Scopus

Fingerprint Dive into the research topics of 'Towards Prediction of Security Attacks on Software Defined Networks: A Big Data Analytic Approach'. Together they form a unique fingerprint.

Cite this

Unal, E., Sen-Baidya, S., & Hewett, R. (2019). Towards Prediction of Security Attacks on Software Defined Networks: A Big Data Analytic Approach. In Y. Song, B. Liu, K. Lee, N. Abe, C. Pu, M. Qiao, N. Ahmed, D. Kossmann, J. Saltz, J. Tang, J. He, H. Liu, & X. Hu (Eds.), Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018 (pp. 4582-4588). [8622524] (Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/BigData.2018.8622524

Unal, Emre ; Sen-Baidya, Sonali ; Hewett, Rattikorn. / Towards Prediction of Security Attacks on Software Defined Networks : A Big Data Analytic Approach. Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018. editor / Yang Song ; Bing Liu ; Kisung Lee ; Naoki Abe ; Calton Pu ; Mu Qiao ; Nesreen Ahmed ; Donald Kossmann ; Jeffrey Saltz ; Jiliang Tang ; Jingrui He ; Huan Liu ; Xiaohua Hu. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 4582-4588 (Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018).

@inproceedings{fedfb8873ab2418a99eadebd1475b5c6,

title = "Towards Prediction of Security Attacks on Software Defined Networks: A Big Data Analytic Approach",

abstract = "Cyber-physical systems (CPS) tightly integrate physical and computing processes by monitoring and control data interacting between them via underlying networks. Software Defined Network (SDN) Technology has increasingly become essential in many advanced computer networks, including those in modern CPS, to provide flexible and agile network development. Despite many benefits that SDN offers, malicious attacks that can eventually prevent network services are unavoidable. Among the most predominant attacks on SDN controller layer, Link Discovery Attack and ARP (Address Resolution Protocol) Spoofing Attack are fundamental in that they are the gateways of many other SDN threats and attacks. To defend these attacks, most existing techniques either rely on relatively complex data validation techniques or use thresholds that can be subjective and unable to detect more than one type of attacks at a time if one deciding factor is used. While Big data technology, particularly machine learning, has been widely used for intrusion/anomaly detection, little has been done in SDN. This paper explores how well this technology can be used to predict these SDN attacks. By employing typical machine learning algorithms on simulated data of routing in SDN when attacks occur, preliminary results, obtained from four machine learning models, show the average area under ROC curve of over 96% and 92% for sample size 50,970 (12 switches) and 60,000 (20 switches), respectively. Further experiments show near-linear scaling in training time for the best performing algorithm when sample size grows up to 100,000.",

keywords = "ARP Spoofing attack, Data Analytic Applications, Link Discovery attack, Machine Learning, SDN-specific security, Software-Defined Networking",

author = "Emre Unal and Sonali Sen-Baidya and Rattikorn Hewett",

year = "2019",

month = jan,

day = "22",

doi = "10.1109/BigData.2018.8622524",

language = "English",

series = "Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "4582--4588",

editor = "Yang Song and Bing Liu and Kisung Lee and Naoki Abe and Calton Pu and Mu Qiao and Nesreen Ahmed and Donald Kossmann and Jeffrey Saltz and Jiliang Tang and Jingrui He and Huan Liu and Xiaohua Hu",

booktitle = "Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018",

note = "null ; Conference date: 10-12-2018 Through 13-12-2018",

}

Unal, E, Sen-Baidya, S & Hewett, R 2019, Towards Prediction of Security Attacks on Software Defined Networks: A Big Data Analytic Approach. in Y Song, B Liu, K Lee, N Abe, C Pu, M Qiao, N Ahmed, D Kossmann, J Saltz, J Tang, J He, H Liu & X Hu (eds), Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018., 8622524, Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018, Institute of Electrical and Electronics Engineers Inc., pp. 4582-4588, 2018 IEEE International Conference on Big Data, Big Data 2018, Seattle, United States, 12/10/18. https://doi.org/10.1109/BigData.2018.8622524

Towards Prediction of Security Attacks on Software Defined Networks : A Big Data Analytic Approach. / Unal, Emre; Sen-Baidya, Sonali; Hewett, Rattikorn.

Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018. ed. / Yang Song; Bing Liu; Kisung Lee; Naoki Abe; Calton Pu; Mu Qiao; Nesreen Ahmed; Donald Kossmann; Jeffrey Saltz; Jiliang Tang; Jingrui He; Huan Liu; Xiaohua Hu. Institute of Electrical and Electronics Engineers Inc., 2019. p. 4582-4588 8622524 (Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Towards Prediction of Security Attacks on Software Defined Networks

AU - Unal, Emre

AU - Sen-Baidya, Sonali

AU - Hewett, Rattikorn

PY - 2019/1/22

Y1 - 2019/1/22

N2 - Cyber-physical systems (CPS) tightly integrate physical and computing processes by monitoring and control data interacting between them via underlying networks. Software Defined Network (SDN) Technology has increasingly become essential in many advanced computer networks, including those in modern CPS, to provide flexible and agile network development. Despite many benefits that SDN offers, malicious attacks that can eventually prevent network services are unavoidable. Among the most predominant attacks on SDN controller layer, Link Discovery Attack and ARP (Address Resolution Protocol) Spoofing Attack are fundamental in that they are the gateways of many other SDN threats and attacks. To defend these attacks, most existing techniques either rely on relatively complex data validation techniques or use thresholds that can be subjective and unable to detect more than one type of attacks at a time if one deciding factor is used. While Big data technology, particularly machine learning, has been widely used for intrusion/anomaly detection, little has been done in SDN. This paper explores how well this technology can be used to predict these SDN attacks. By employing typical machine learning algorithms on simulated data of routing in SDN when attacks occur, preliminary results, obtained from four machine learning models, show the average area under ROC curve of over 96% and 92% for sample size 50,970 (12 switches) and 60,000 (20 switches), respectively. Further experiments show near-linear scaling in training time for the best performing algorithm when sample size grows up to 100,000.

AB - Cyber-physical systems (CPS) tightly integrate physical and computing processes by monitoring and control data interacting between them via underlying networks. Software Defined Network (SDN) Technology has increasingly become essential in many advanced computer networks, including those in modern CPS, to provide flexible and agile network development. Despite many benefits that SDN offers, malicious attacks that can eventually prevent network services are unavoidable. Among the most predominant attacks on SDN controller layer, Link Discovery Attack and ARP (Address Resolution Protocol) Spoofing Attack are fundamental in that they are the gateways of many other SDN threats and attacks. To defend these attacks, most existing techniques either rely on relatively complex data validation techniques or use thresholds that can be subjective and unable to detect more than one type of attacks at a time if one deciding factor is used. While Big data technology, particularly machine learning, has been widely used for intrusion/anomaly detection, little has been done in SDN. This paper explores how well this technology can be used to predict these SDN attacks. By employing typical machine learning algorithms on simulated data of routing in SDN when attacks occur, preliminary results, obtained from four machine learning models, show the average area under ROC curve of over 96% and 92% for sample size 50,970 (12 switches) and 60,000 (20 switches), respectively. Further experiments show near-linear scaling in training time for the best performing algorithm when sample size grows up to 100,000.

KW - ARP Spoofing attack

KW - Data Analytic Applications

KW - Link Discovery attack

KW - Machine Learning

KW - SDN-specific security

KW - Software-Defined Networking

UR - http://www.scopus.com/inward/record.url?scp=85062638917&partnerID=8YFLogxK

U2 - 10.1109/BigData.2018.8622524

DO - 10.1109/BigData.2018.8622524

M3 - Conference contribution

AN - SCOPUS:85062638917

T3 - Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018

SP - 4582

EP - 4588

BT - Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018

A2 - Song, Yang

A2 - Liu, Bing

A2 - Lee, Kisung

A2 - Abe, Naoki

A2 - Pu, Calton

A2 - Qiao, Mu

A2 - Ahmed, Nesreen

A2 - Kossmann, Donald

A2 - Saltz, Jeffrey

A2 - Tang, Jiliang

A2 - He, Jingrui

A2 - Liu, Huan

A2 - Hu, Xiaohua

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 10 December 2018 through 13 December 2018

ER -

Unal E, Sen-Baidya S, Hewett R. Towards Prediction of Security Attacks on Software Defined Networks: A Big Data Analytic Approach. In Song Y, Liu B, Lee K, Abe N, Pu C, Qiao M, Ahmed N, Kossmann D, Saltz J, Tang J, He J, Liu H, Hu X, editors, Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018. Institute of Electrical and Electronics Engineers Inc. 2019. p. 4582-4588. 8622524. (Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018). https://doi.org/10.1109/BigData.2018.8622524