Detecção e autorreparo de anomalias em redes definidas por software
Abstract
The accelerated technological advances have resulted in the increased occurrence of network anomalies, such as DoS attacks. The complexity and heterogeneity of the current networks has been the main obstacle to detect and especially block the attacks without human intervention. Thus, this work presents a solution capable of detecting and blocking anomalies automatically in the context of software defined networks (SDN). The proposed solution consists of three main modules, responsible for collecting of data, detecting anomalies and applying a corrective action to solve the identified problem. To validate the solution a case study was performed using a real network attack.
References
Abranet. (2017) “Internet das Coisas faz ataques DDoS crescerem 138% no Brasil”, [link], Agosto.
Ahmad, I., Namal, S., Ylianttila, M. and Gurtov, A. (2015) “Security in Software
Defined Networks: A Survey”, In: IEEE Communications Surveys & Tutorials, vol.17, no. 4, p. 2317-2346.
Ahmed, M., Mahmood, A. N. and Hu, J. (2016) “A survey of network anomaly detection techniques”, In: Journal of Network and Computer Applications 60, p. 19-31, Austrália.
Amaral A. A. et al. (2017), “Deep IP flow inspection to detect beyond network anomalies”, Computer Communications, vol. 98, p. 80-96.
Conti, M., Dehghantanha, A., Franke, K. and Watson, S. (2017) “Internet of Things Security and Forensics: Challenges and Opportunities”, In: Future Generation Computer Systems, ISSN 0167-739X.
Costa, L. R. (2013) “OpenFlow e o Paradigma de Redes Definidas por Software”, In: Universidade de Brasília, Monografia (Licenciatura em Ciência da Computação), ix, 143 f., Brasília.
Dacier M. C. et al. (2017), "Security Challenges and Opportunities of Software-Defined Networking," in IEEE Security & Privacy, vol. 15, no. 2, p. 96-100.
Francis, R. (2017) “Data breaches through wearables put target squarely on IoT in 2017”, [link], Agosto.
Izard, R. (2017) “How to add a REST API to a Module”, [link], Julho.
Macedo, D. F., Guedes, D., Vieira, L. F. M., Vieira, M. A. M. and Nogueira Michele (2015) “Programmable Networks – From Software-Defined Radio to Software-Defined Networking”, In: IEEE Communications Surveys & Tutorials, vol. 17, no. 2, p. 1102-1125.
Mousavi, S. M. (2014) “Early Detection of DDoS Attacks in Software Defined Networks Controller”, In: Thesis (master), Carleton University, Ottawa, Ontario.
Porras, P., Cheung, S., Fong, M., Skinner, K. and Yegneswaran, V. (2015) “Securing the Software-Defined Network Control Layer”, In: Network and Distributed System Security Symposium (NDSS), Sand Diego, California.
Yan, Q., Yu, F. R., Senior member, IEEE, Gong, Q. and Li, J. (2015) “Software-defined networking (SDN) and distributed denial of servisse (DDoS) attacks ind cloud computing environments: a survey, some research issues, and challenges”, In: IEEE Communications Surveys & Tutorials, vol. 18, no. 1, p. 602-622.
Ahmad, I., Namal, S., Ylianttila, M. and Gurtov, A. (2015) “Security in Software
Defined Networks: A Survey”, In: IEEE Communications Surveys & Tutorials, vol.17, no. 4, p. 2317-2346.
Ahmed, M., Mahmood, A. N. and Hu, J. (2016) “A survey of network anomaly detection techniques”, In: Journal of Network and Computer Applications 60, p. 19-31, Austrália.
Amaral A. A. et al. (2017), “Deep IP flow inspection to detect beyond network anomalies”, Computer Communications, vol. 98, p. 80-96.
Conti, M., Dehghantanha, A., Franke, K. and Watson, S. (2017) “Internet of Things Security and Forensics: Challenges and Opportunities”, In: Future Generation Computer Systems, ISSN 0167-739X.
Costa, L. R. (2013) “OpenFlow e o Paradigma de Redes Definidas por Software”, In: Universidade de Brasília, Monografia (Licenciatura em Ciência da Computação), ix, 143 f., Brasília.
Dacier M. C. et al. (2017), "Security Challenges and Opportunities of Software-Defined Networking," in IEEE Security & Privacy, vol. 15, no. 2, p. 96-100.
Francis, R. (2017) “Data breaches through wearables put target squarely on IoT in 2017”, [link], Agosto.
Izard, R. (2017) “How to add a REST API to a Module”, [link], Julho.
Macedo, D. F., Guedes, D., Vieira, L. F. M., Vieira, M. A. M. and Nogueira Michele (2015) “Programmable Networks – From Software-Defined Radio to Software-Defined Networking”, In: IEEE Communications Surveys & Tutorials, vol. 17, no. 2, p. 1102-1125.
Mousavi, S. M. (2014) “Early Detection of DDoS Attacks in Software Defined Networks Controller”, In: Thesis (master), Carleton University, Ottawa, Ontario.
Porras, P., Cheung, S., Fong, M., Skinner, K. and Yegneswaran, V. (2015) “Securing the Software-Defined Network Control Layer”, In: Network and Distributed System Security Symposium (NDSS), Sand Diego, California.
Yan, Q., Yu, F. R., Senior member, IEEE, Gong, Q. and Li, J. (2015) “Software-defined networking (SDN) and distributed denial of servisse (DDoS) attacks ind cloud computing environments: a survey, some research issues, and challenges”, In: IEEE Communications Surveys & Tutorials, vol. 18, no. 1, p. 602-622.
Published
2017-11-06
How to Cite
MORO, Fernando Luiz; AMARAL, Alexandre; AMARAL, Ana Paula; NOGUEIRA, Rodrigo.
Detecção e autorreparo de anomalias em redes definidas por software. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 17. , 2017, Brasília.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2017
.
p. 541-548.
DOI: https://doi.org/10.5753/sbseg.2017.19529.
