International Journal On Advances in Networks and Services, volume 17, numbers 3 and 4, 2024
Authors:
Naoya Kitagawa
Jumpei Sato
Kohta Ohshima
Keywords: Software-defined networking; Data plane verification; Byte consistency verification; Anomaly detection.
Abstract:
Software-defined networking (SDN), which enables flexible routing control based on communication content, has been widely studied as a countermeasure against possible attacks on the data plane by compromised SDN switches and hosts. We previously proposed a byte consistency verification method that uses information such as transfer volume collected from SDN switches to detect anomalous communications, even when the communications are encrypted. In addition, we improved the anomaly detection performance of this method by implementing high-precision time synchronization and an SDN switch function for each host. In this study, we extend the scope of information collection to each host (in addition to SDN switches) and propose a data plane anomaly detection method that monitors the communication volume of each process at each host. We also propose a method that automatically adjusts the detection threshold, which can be set individually for each node. Furthermore, we implement and evaluate the proposed method on a network testbed. The results confirm that it can be used to improve anomaly detection accuracy.
Pages: 51 to 58
Copyright: Copyright (c) to authors, 2024. Used with permission.
Publication date: December 30, 2024
Published in: journal
ISSN: 1942-2644