Signature and flow statistics based anomaly detection system in software-defined networking for 6G internet of things network

Muhammad Junaid Nazar (), Adi Alhudhaif (), Kashif Naseer Qureshi (), Saleem Iqbal () and Gwanggil Jeon ()
Additional contact information
Muhammad Junaid Nazar: Arid Agriculture University
Adi Alhudhaif: Prince Sattam Bin Abdulaziz University
Kashif Naseer Qureshi: Bahria University
Saleem Iqbal: Arid Agriculture University
Gwanggil Jeon: Incheon National University

International Journal of System Assurance Engineering and Management, 2023, vol. 14, issue 1, No 8, 87-97

Abstract: Abstract The classical networks are vertically integrated into which control and data plane are connected which makes it more difficult to manage. Software-Defined Networking (SDN) is an emerging technology that broke this vertical integration and separates the data plane from the control plane. The entire network control is (logically) centralized that maintains a view of the network. However, the centralized controller brings a lot of security challenges. Traffic flowing through an SDN is vulnerable to disruptions caused by some of the SDN switches. In this paper, the malicious behavior on SDN switches is identified that causes disturbance in a network. The proposed system is based on attack signatures and is also capable to detect such misbehaving switches that drop and swap packets due to their malign intent rather than link failure. Every attack has some signature, and these attacks are identified by predefined signatures and their different behavior. The identification of three different attacks is demonstrated: (1) DDoS attack, (2) port scanning, and iii) traffic diversion attack to assess the network performance. The pool of attack signature is established in a database and update the system supplied pool of signature. Lastly, the conclusion is made by demonstrating the anomaly detection and evaluating the performance of the network by presenting experimental results. The experimental results demonstrate the effectiveness of the proposed work and illustrate the detection mechanism that can detect attacks, achieve high detection accuracy with a low false-positive rate, and discussing some future work.

Keywords: Software-defined networking (SDN); OpenFlow (OF); Flow table; Misrouting; Anomaly detection; Security; Link failure; Fast failover; Malicious behavior; 6G; IoT (search for similar items in EconPapers)
Date: 2023
References: View complete reference list from CitEc
Citations:

Downloads: (external link)
http://link.springer.com/10.1007/s13198-021-01162-3 Abstract (text/html)
Access to the full text of the articles in this series is restricted.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:ijsaem:v:14:y:2023:i:1:d:10.1007_s13198-021-01162-3

Ordering information: This journal article can be ordered from
http://www.springer.com/engineering/journal/13198

DOI: 10.1007/s13198-021-01162-3

Access Statistics for this article

International Journal of System Assurance Engineering and Management is currently edited by P.K. Kapur, A.K. Verma and U. Kumar

More articles in International Journal of System Assurance Engineering and Management from Springer, The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().