Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques
1
NASK National Research Institute, 01-045 Warsaw, Poland
2
Ministry of National Defense, 01-045 Warsaw, Poland
*
Author to whom correspondence should be addressed.
Academic Editor: Joanna Kolodziej
Sensors 2021, 21(9), 2972; https://doi.org/10.3390/s21092972
Received: 27 February 2021
/
Revised: 21 April 2021
/
Accepted: 21 April 2021
/
Published: 23 April 2021
(This article belongs to the Collection Intelligent Wireless Networks)
The increasing availability of mobile devices and applications, the progress in virtualisation technologies, and advances in the development of cloud-based distributed data centres have significantly stimulated the growing interest in the use of software-defined networks (SDNs) for both wired and wireless applications. Standards-based software abstraction between the network control plane and the underlying data forwarding plane, including both physical and virtual devices, provides an opportunity to significantly increase network security. In this paper, to secure SDNs against intruders’ actions, we propose a comprehensive system that exploits the advantages of SDNs’ native features and implements data mining to detect and classify malicious flows in the SDN data plane. The architecture of the system and its mechanisms are described, with an emphasis on flow rule generation and flow classification. The concept was verified in the SDN testbed environment that reflects typical SDN flows. The experiments confirmed that the system can be successfully implemented in SDNs to mitigate threats caused by different malicious activities of intruders. The results show that our combination of data mining techniques provides better detection and classification of malicious flows than other solutions.
View Full-Text
Keywords:
software-defined network; flow features; data mining; flow classification; Mininet; OpenDaylight
▼
Show Figures
Figure 1
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited
MDPI and ACS Style
Amanowicz, M.; Jankowski, D. Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques. Sensors 2021, 21, 2972. https://doi.org/10.3390/s21092972
AMA Style
Amanowicz M, Jankowski D. Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques. Sensors. 2021; 21(9):2972. https://doi.org/10.3390/s21092972
Chicago/Turabian StyleAmanowicz, Marek, and Damian Jankowski. 2021. "Detection and Classification of Malicious Flows in Software-Defined Networks Using Data Mining Techniques" Sensors 21, no. 9: 2972. https://doi.org/10.3390/s21092972
Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.
