Statistical Analysis-Based Intrusion Detection for Software Defined Network

  • Conference paper
Smart Trends in Computing and Communications

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 286)

Abstract

A software-defined network (SDN) consists of two layers, a control layer and a data layer, which makes SDN more flexible and scalable. The OpenFlow protocol is used for SDN, which makes it simpler and easier to optimize. In this paper, we developed a statistical analysis-based intrusion detection system (SABIDS) for the Python-based controller (RYU) that monitors incoming traffic by taking its flow statistics, detects malware flow statistics using the pattern match technique, and identifies the malicious flow. It also identifies the source IP of the incoming malicious traffic, so that the specific IP can be blocked easily using the blacklist technique. This scheme enables the SDN controller to learn about malicious traffic and avoid potential losses such as system failure or the risk of being attacked.

Corresponding author

Correspondence to Talha Naqash.

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Naqash, T., Tanveer, M.H., Shah, S.H., Salman, M. (2022). Statistical Analysis-Based Intrusion Detection for Software Defined Network. In: Zhang, YD., Senjyu, T., So-In, C., Joshi, A. (eds) Smart Trends in Computing and Communications. Lecture Notes in Networks and Systems, vol 286. Springer, Singapore. https://doi.org/10.1007/978-981-16-4016-2_27
