Visible to the public Machine learning aided traffic tolerance to improve resilience for software defined networks

TitleMachine learning aided traffic tolerance to improve resilience for software defined networks
Publication TypeConference Paper
Year of Publication2017
AuthorsGangadhar, S., Sterbenz, J. P. G.
Conference Name2017 9th International Workshop on Resilient Networks Design and Modeling (RNDM)
Keywordsattacks classification, centralised control, centralised controller, composability, computer network management, computer network reliability, computer network security, decision making, DoS attack, DoS attacks, Engines, feature extraction, flexible management, Future Internet, intrusion tolerance, learning (artificial intelligence), machine learning, machine learning algorithms, malicious intrusion detection, Mininet simulator, MIT KDD 1999 dataset, neptune attack, Network security, OpenFlow, pattern classification, POX controller platform, Prediction algorithms, pubcrawl, Real-time Systems, ReSDN, resilience, resilience framework, Resiliency, routing table, SDN, SDNs, software defined networking, Software Defined Networks, survivability, SYN flood, telecommunication network routing, telecommunication traffic, Traffic Management, traffic tolerance, Training

Software Defined Networks (SDNs) have gained prominence recently due to their flexible management and superior configuration functionality of the underlying network. SDNs, with OpenFlow as their primary implementation, allow for the use of a centralised controller to drive the decision making for all the supported devices in the network and manage traffic through routing table changes for incoming flows. In conventional networks, machine learning has been shown to detect malicious intrusion, and classify attacks such as DoS, user to root, and probe attacks. In this work, we extend the use of machine learning to improve traffic tolerance for SDNs. To achieve this, we extend the functionality of the controller to include a resilience framework, ReSDN, that incorporates machine learning to be able to distinguish DoS attacks, focussing on a neptune attack for our experiments. Our model is trained using the MIT KDD 1999 dataset. The system is developed as a module on top of the POX controller platform and evaluated using the Mininet simulator.

Citation Keygangadhar_machine_2017