Genetic algorithm for SDN protection against network attacks
Keywords:SDN, controller, OPENFLOW, POX, network attacks, MININET, defensive algorithm
AbstractThis paper examines the problem of detecting and blocking network attacks using SDN. This problem is formulated as the problem of finding the "correct" vector, in fact, it is the task of the binary integer programming. The DDoS-attack is used as a network attack. A mathematical model of the problem and algorithm to identify sets of attacking hosts from the recorded data is developed. Upon detection of the set, the problem is reduced to the problem of preventing the attack, which means blocking IP-addresses. To evaluate the effectiveness of the proposed algorithm of intrusion detection, experimental studies have been conducted. To simulate SDN networks, Mininet network emulator was used. The task of the binary integer programming was solved. The analysis of results confirms that using SDN advantages, namely, centralized management and flexibility, we were able to implement a genetic algorithm, which protected the network from one of the most common network attacks — DDoS.
Nadeau T. SDN: Software Defined Network [Text] / T. Nadeau, K. Gray. — Washington: O’Reilly Media, 2013. — P. 9–11.
Open Networking Lab - Confluence [Digital source] : POX Wiki.Ali Al-Shabibi. — Available at: https://openflow.stanford.edu/display/ONL/POX+Wiki
Holland J. Adaptation in natural and artificial systems [Text] / J. Holland. — University of Michigan Press, Ann Arbor, 1975. — P. 2.
Limoncelli T. Adaptation in natural and artificial systems [Text] / T. Limoncelli. — ACM, 2012. — 55 p.
Composing software-defined networks / C. Monsanto, P. Private, A. Monsanto etc. — New York, USA: USENIX NSDI, 2013. — 13 p.
A security enforcement kernel for openflow networks / P. Porras, S. Shin, V. Yegneswaran etc. — New York, USA: ACM, 2012. — 10 p.