Abstract
A software-defined network (SDN) consists of two layers, a control layer and a data layer, which makes SDN more flexible and scalable. The OpenFlow protocol is used for SDN, which makes it simpler and easier to optimize. In this paper, we developed a SABIDS for the Python-based controller (RYU) which detects incoming traffic by taking its flow statistics, detects malware flow statistics (using the pattern-match technique), and identifies the malicious flow. It also identifies the source IP of the incoming malicious traffic, so that the specific IP can easily be blocked using the blacklist technique. This scheme enables the SDN controller to learn about malicious traffic and avoid potential losses such as system failure or the risk of being attacked.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Naqash, T., Tanveer, M.H., Shah, S.H., Salman, M. (2022). Statistical Analysis-Based Intrusion Detection for Software Defined Network. In: Zhang, YD., Senjyu, T., So-In, C., Joshi, A. (eds) Smart Trends in Computing and Communications. Lecture Notes in Networks and Systems, vol 286. Springer, Singapore. https://doi.org/10.1007/978-981-16-4016-2_27
DOI: https://doi.org/10.1007/978-981-16-4016-2_27
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-4015-5
Online ISBN: 978-981-16-4016-2
eBook Packages: Intelligent Technologies and Robotics (R0)