We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
CyberPulse++: A machine learning‐based security framework for detecting link flooding attacks in software defined networks.
- Authors
Rasool, Raihan ur; Ahmed, Khandakar; Anwar, Zahid; Wang, Hua; Ashraf, Usman; Rafique, Wajid
- Abstract
A new class of link flooding attacks (LFA) can cut off internet connections of target links by employing legitimate flows to congest these without being detected. LFA is especially powerful in disrupting traffic in software‐defined networks if the control channel is targeted. Most of the existing solutions work by conducting a deep packet‐level inspection of the physical network links. Therefore these techniques incur a significant performance overhead, are reactive, and result in damage to the network before a delayed defense is mounted. Machine learning (ML) of captured network statistics is emerging as a promising, lightweight, and proactive solution to defend against LFA. In this paper, we propose a ML‐based security framework, CyberPulse++, that utilizes a pretrained ML repository to test captured network statistics in real‐time to detect abnormal path performance on network links. It effectively tackles several challenges faced by network security solutions such as the practicality of large‐scale network‐level monitoring and collection of network status information. The framework can use a wide variety of algorithms for training the ML repository and allows the analyst a birds‐eye view by generating interactive graphs to investigate an attack in its ramp‐up stage. An extensive evaluation demonstrates that the framework offers limited bandwidth and computational overhead in proactively detecting and defending against LFA in real‐time.
- Subjects
DENIAL of service attacks; COMPUTER network security; INTERNET access; NETWORK performance; INFORMATION networks
- Publication
International Journal of Intelligent Systems, 2021, Vol 36, Issue 8, p3852
- ISSN
0884-8173
- Publication type
Article
- DOI
10.1002/int.22442