Long Short-Term Memory and Fuzzy Logic for Anomaly Detection and Mitigation in Software-Defined Network Environment

[EN] Computer networks become complex and dynamic structures. As a result of this fact, the configuration and the managing of this whole structure is a challenging activity. Software-Defined Networks(SDN) is a new network paradigm that, through an abstraction of network plans, seeks to separate the...

ver descrição completa

Detalhes bibliográficos
Autores: Novaes, Matheus P., Carvalho, Luiz F., Lemes Proença, Mario, Lloret, Jaime|||0000-0002-0862-0533
Formato: artículo
Fecha de publicación:2020
País:España
Recursos:Universitat Politècnica de València (UPV)
Repositorio:RiuNet. Repositorio Institucional de la Universitat Politécnica de Valéncia
Idioma:inglés
OAI Identifier:oai:riunet.upv.es:10251/188040
Acesso em linha:https://riunet.upv.es/handle/10251/188040
Access Level:acceso abierto
Palavra-chave:DDoS
Deep learning
Fuzzy
LSTM
Portscan
SDN
INGENIERIA TELEMATICA
Descrição
Resumo:[EN] Computer networks become complex and dynamic structures. As a result of this fact, the configuration and the managing of this whole structure is a challenging activity. Software-Defined Networks(SDN) is a new network paradigm that, through an abstraction of network plans, seeks to separate the control plane and data plane, and tends as an objective to overcome the limitations in terms of network infrastructure configuration. As in the traditional network environment, the SDN environment is also liable to security vulnerabilities. This work presents a system of detection and mitigation of Distributed Denial of Service (DDoS) attacks and Portscan attacks in SDN environments (LSTM-FUZZY). The LSTM-FUZZY system presented in this work has three distinct phases: characterization, anomaly detection, and mitigation. The system was tested in two scenarios. In the first scenario, we applied IP flows collected from the SDN Floodlight controllers through emulation on Mininet. On the other hand, in the second scenario, the CICDDoS 2019 dataset was applied. The results gained show that the efficiency of the system to assist in network management, detect and mitigate the occurrence of the attacks.