Skip to main content
SpringerLink
Log in
Book cover

International Conference on Artificial Intelligence and Security

ICAIS 2019: Artificial Intelligence and Security pp 248–259Cite as

Research on Detection Method of Abnormal Traffic in SDN

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11632))

Abstract

Compared with traditional network, the network architecture and equipment function of SDN have changed dramatically. Thus it is necessary to research more targeted network security strategies. Abnormal traffic detection is the foundation of intrusion detection and intrusion prevention. For this reason, This paper proposes a specific abnormal flow detection method aimed at SDN. The method makes full use of flow-table in SDN switch to extract the features of abnormal flows, and applies information entropy to process non-numerical features of a flow into numerical features. Finally, a BP neural network model previously trained by these numerical features are used for abnormal flows detection. The contrast experiment results show that, this method can detect abnormal traffic in SDN effectively.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. McKeown, N., Anderson, T., Balakrishnan, H., et al.: OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput. Commun. Rev. 38(2), 69–74 (2008)

    Article  Google Scholar 

  2. Huang, H., Deng, H., Chen, J., et al.: Automatic multi-task learning system for abnormal network traffic detection. Int. J. Emerg. Technol. Learn. (iJET) 13(4), 4–20 (2018)

    Article  Google Scholar 

  3. Zhu, M.-J., Guo, N.-W.: Abnormal network traffic detection based on semi-supervised machine learning. DEStech Trans. Eng. Technol. Res. (2017). (ecame)

    Google Scholar 

  4. Kong, L., Huang, G., Wu, K.: Identification of abnormal network traffic using support vector machine. In: International Conference on Parallel and Distributed Computing, Applications and Technologies, pp. 288–292. IEEE Computer Society (2017)

    Google Scholar 

  5. Cheng, R., Xu, R., Tang, X., Sheng, V.S., Cai, C.: An abnormal network flow feature sequence prediction approach for DDoS attacks detection in big data environment. CMC: Comput. Mater. Continua 55(1), 095–119 (2018)

    Google Scholar 

  6. Chang, S., Qiu, X., Gao, Z., et al.: A flow-based anomaly detection method using sketch and combinations of traffic features. In: International Conference on Network and Service Management, pp. 302–305. IEEE (2011)

    Google Scholar 

  7. Wan, M., Yao, J., Jing, Y., Jin, X.: Event-based anomaly detection for non-public industrial communication protocols in SDN-based control systems. CMC: Comput. Mater. Continua 55(3), 447–463 (2018)

    Google Scholar 

  8. Zhang, Y.: An adaptive flow counting method for anomaly detection in SDN. In: Proceedings of the Ninth ACM Conference on Emerging Networking Experiments and Technologies, pp. 25–30. ACM (2013)

    Google Scholar 

  9. Braga, R., Mota, E., Passito, A.: Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: IEEE Local Computer Network Conference, pp. 408–415. IEEE Computer Society (2010)

    Google Scholar 

  10. Giotis, K., Argyropoulos, C., Androulidakis, G., et al.: Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput. Netw. 62(5), 122–136 (2014)

    Article  Google Scholar 

  11. Mehdi, S.A., Khalid, J., Khayam, S.A.: Revisiting traffic anomaly detection using software defined networking. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol. 6961, pp. 161–180. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23644-0_9

    Chapter  Google Scholar 

  12. Zuo, Q., Chen, M., Wang, X., et al.: Online traffic anomaly detection method for SDN. J. Xidian Univ. (Nat. Sci.) 42(1), 155–160 (2015). (in Chinese)

    Google Scholar 

  13. Chi, S., Zhou, S.: Research on defend against DDoS attacks. Netinfo Secur. (5), 27–31 (2012). (in Chinese)

    Google Scholar 

  14. Jouet, S., Perkins, C., Pezaros, D.: OTCP: SDN-managed congestion control for data center networks. In: Network Operations and Management Symposium, pp. 171–179. IEEE (2016)

    Google Scholar 

  15. Noormohammadpour, M., Raghavendra, C.S.: Datacenter traffic control: understanding techniques and trade-offs. IEEE Commun. Surv. Tutor. 20(2), 1492–1525 (2017)

    Article  Google Scholar 

  16. Sasaki, T., Pappas, C., Lee, T., et al.: SDNsec: forwarding accountability for the SDN data plane. In: International Conference on Computer Communication and Networks, pp. 1–10. IEEE (2016)

    Google Scholar 

  17. Wang, X., Shang, Z., Chen, L.: Feature selection algorithm toward abnormal traffic detection. Comput. Eng. Appl. 46(28), 125–127 (2010). (in Chinese)

    Google Scholar 

  18. DARPA Intrusion Detection Data Sets. http://www.ll.mit.edu/ideval/data/index.html

  19. LOIC: Low Orbit Ion Cannon. http://sourceforge.net/projects/loic/

Download references

Acknowledgement

This work was supported by the National Natural Science Foundation of China Nos. 61672101, the Beijing Key Laboratory of Internet Culture and Digital Dissemination Research (ICDDXN004)* and Key Lab of Information Network Security, Ministry of Public Security, No. C18601.

Author information

Authors and Affiliations

  1. Beijing Key Laboratory of Internet Culture and Digital Dissemination Research, Beijing, 100101, China

    Yabin Xu

  2. Beijing Information Science and Technology University, Beijing, 100101, China

    Yabin Xu, Chenxiao Cui & Ting Xu

  3. China Academy of Electronics and Information Technology, Beijing, 100041, China

    Yangyang Li

Authors
  1. Yabin Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chenxiao Cui
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ting Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yangyang Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yabin Xu .

Editor information

Editors and Affiliations

  1. Nanjing University of Information Science and Technology, Nanjing, China

    Xingming Sun

  2. Nanjing University of Information Science and Technology, Nanjing, China

    Zhaoqing Pan

  3. Purdue University, West Lafayette, IN, USA

    Elisa Bertino

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Xu, Y., Cui, C., Xu, T., Li, Y. (2019). Research on Detection Method of Abnormal Traffic in SDN. In: Sun, X., Pan, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2019. Lecture Notes in Computer Science(), vol 11632. Springer, Cham. https://doi.org/10.1007/978-3-030-24274-9_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-24274-9_22

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-24273-2

  • Online ISBN: 978-3-030-24274-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation