Litcius/Paper detail

Attack-Specific Feature Selection for Anomaly Detection in Software-Defined Networks

Nadine Abbas, Youssef Nasser, Maryam Shehab, Sanaa Sharafeddine

202155 citationsDOI

Abstract

Due to the rapid advancement of technologies including the tremendous growth of multimedia content, cloud computing and mobile usage, conventional networks are not able to meet the demands. Software-Defined Networks (SDN) are considered one of the key enabling technologies providing a new powerful network architecture that allows the dynamic operation of different services using a common infrastructure. Despite their notable gains, SDNs may not be secure and are vulnerable to attacks. In this paper, we address the SDN vulnerabilities and present attack-specific feature selection to identify the features that have the most impact on anomaly detection. We first use the InSDN intrusion dataset that considers different attacks including Denial-of-Service (DoS), Distributed-DoS (DDoS), brute force, probe, web and botnet attacks. We then perform data pre-processing and apply univariate feature selection to select the features having the highest impact on the different attacks. These selected features can then be used to train the model which reduces the computational cost of modeling while keeping the high performance of the model. Detailed analysis and simulation results are then presented to show the predominant features and their impact on the different attacks.

Topics & Concepts

Computer scienceDenial-of-service attackBotnetCloud computingFeature selectionSoftware-defined networkingSoftwareIntrusion detection systemAnomaly detectionMalwareKey (lock)Feature (linguistics)Big dataComputer networkDistributed computingComputer securityData miningMachine learningOperating systemThe InternetLinguisticsPhilosophyNetwork Security and Intrusion DetectionSoftware-Defined Networks and 5GAdvanced Malware Detection Techniques
Attack-Specific Feature Selection for Anomaly Detection in Software-Defined Networks | Litcius