Forensics Based SDN in Data Centers
Recently, most data centers have adopted the Software-Defined Network (SDN) architecture to meet the demand for scalable and cost-efficient computer networks. The SDN controller separates the data plane from the control plane and implements instructions instead of protocols, which improves Quality of Service (QoS) and enhances energy efficiency and protection mechanisms. However, this centralization gives attackers an opportunity to exploit the network controller and master all network devices, which makes the network vulnerable. Recent studies have attempted to address the security issue with minimal consideration of the forensic aspects. This research therefore focuses on forensics in the SDN networks of data center environments. There are diverse approaches to accurately identifying the various possible threats in order to protect the network. A deep learning approach is used to detect DDoS attacks, as it is regarded as the most suitable approach for threat detection. The proposed network consists of mobile nodes, a head controller, a detection engine, a domain controller, a source controller, a gateway and a cloud center. In the first stage, the attack is analyzed as serious: the process records the traffic as criminal evidence to track the criminal, adds the source IP of the packet to a blacklist, blocks all packets from this source and eliminates all packets. In the second stage, the attack is analyzed as not serious: all packets from the source node are blocked for this session. Non-malicious packets are transmitted using the proposed protocol. The study is evaluated by simulation in the OMNeT++ environment and showed more successful results than the existing approaches.
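The two-tier response described in the abstract can be sketched as follows. This is an added example, not code from the paper: the class and verdict names are hypothetical, the verdict is assumed to come from the detection engine, and the hash chain over evidence records is an added assumption for tamper evidence.

```python
import hashlib
import json
from dataclasses import dataclass, field

GENESIS = "0" * 64  # chain anchor for the first evidence record

@dataclass
class ResponseEngine:  # verdicts come from an external detector (assumed)
    blacklist: set = field(default_factory=set)       # source IPs, permanent
    session_blocks: set = field(default_factory=set)  # (source IP, session id)
    evidence: list = field(default_factory=list)      # hash-chained records

    def _record(self, pkt):
        prev = self.evidence[-1]["digest"] if self.evidence else GENESIS
        body = json.dumps(pkt, sort_keys=True)
        digest = hashlib.sha256((prev + body).encode()).hexdigest()
        self.evidence.append({"packet": dict(pkt), "prev": prev, "digest": digest})

    def handle(self, pkt, verdict):
        src, sess = pkt["src"], pkt["session"]
        if src in self.blacklist or (src, sess) in self.session_blocks:
            return "drop"                         # earlier decision still applies
        if verdict == "serious":
            self._record(pkt)                     # keep the traffic as evidence
            self.blacklist.add(src)               # block this source from now on
            return "drop"
        if verdict == "not-serious":
            self.session_blocks.add((src, sess))  # block for this session only
            return "drop"
        return "forward"                          # non-malicious traffic passes

    def evidence_intact(self):
        prev = GENESIS
        for rec in self.evidence:
            body = json.dumps(rec["packet"], sort_keys=True)
            good = hashlib.sha256((prev + body).encode()).hexdigest()
            if rec["prev"] != prev or rec["digest"] != good:
                return False                      # record edited or chain broken
            prev = rec["digest"]
        return True

def run_demo():
    eng = ResponseEngine()  # packets below are constructed samples
    seq = [({"src": "198.51.100.7", "session": 1, "dport": 80}, "serious"),
           ({"src": "198.51.100.7", "session": 2, "dport": 80}, "benign"),
           ({"src": "203.0.113.9", "session": 5, "dport": 443}, "not-serious"),
           ({"src": "203.0.113.9", "session": 5, "dport": 443}, "benign"),
           ({"src": "203.0.113.9", "session": 6, "dport": 443}, "benign")]
    return eng, [eng.handle(p, v) for p, v in seq]
```

The blacklisted source stays blocked in a new session, while the session-blocked source is forwarded again once it opens a different session.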
Copyright (c) 2020 International Journal of Computer (IJC)
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.