Volume 43 Issue 2
Sep 2022
LIU Jing, HE Yun, LAI Yingxu. Research and Implementation of Security Audit on SDN Architecture[J]. JOURNAL OF MECHANICAL ENGINEERING, 2017, 43(2): 180-191. doi: 10.11936/bjutxb2016050070

Research and Implementation of Security Audit on SDN Architecture

doi: 10.11936/bjutxb2016050070
  • Received Date: 29 May 2016
    Available Online: 13 Sep 2022
  • Issue Publish Date: 01 Feb 2017
  • To address security challenges in software-defined networking (SDN) architecture, this work focuses on the security audit aspect of SDN and combines traditional network security audit solutions with the SDN architecture's centralized control features. A security audit system was designed and implemented on the Floodlight controller and operated in an SDN environment; it includes the collection, analysis, and storage of audit events, among other functions. A backtracking algorithm for the DDoS scenario was designed to detect attackers and dummy hosts by retrospectively reviewing and analyzing security audit events. In addition, a sliding window segmentation algorithm was proposed that extracts users' behavior patterns after sequence analysis of security audit events. The similarity of sequence patterns was calculated with the Levenshtein algorithm, and suspected attack behaviors were detected according to the similarity between the current user's behaviors and historical behaviors.

     

