Identification and predication of network attack patterns in software-defined networking
Abstract
Software-defined networking (SDN) is gaining popularity in enterprise networks because it simplifies network management and reduces operational cost. However, security concerns remain, and security enhancement is required. In this paper, we analyze the network attack patterns of governments and enterprises whose networks are built on the SDN paradigm. Specifically, time series data mining methods, including clustering and forecasting, are proposed to discover hidden information in temporal network attack data. First, hierarchical clustering with a modified dynamic time warping distance measure was developed to classify time series data from nine departments of China, with the aim of identifying patterns of network attack. We then used an autoregressive integrated moving average model to describe the relationships and behavior of network attacks and to forecast the frequency of future network attacks, with the goal of preventing extensive exposure of attack events. Experiments demonstrated that our models can distinguish the complex phenomena of temporal network attacks and achieve statistically accurate prediction of network attacks under the SDN architecture. Our work provides a foundation for decision-making when dealing with issues of network safety.