Visible to the public Biblio

Filters: Author is Cheol Won Lee, National Research Institute, South Korea  [Clear All Filters]
Jiaqi Yan, Illinois Institute of Technology, Dong Jin, Illinois Institute of Technology, Cheol Won Lee, National Research Institute, South Korea, Ping Liu, Illinois Institute of Technology.  2018.  A Comparative Study of Off-Line Deep Learning Based Network Intrusion Detection. 10th International Conference on Ubiquitous and Future Networks.

Abstract—Network intrusion detection systems (NIDS) are essential security building-blocks for today’s organizations to ensure safe and trusted communication of information. In this paper, we study the feasibility of off-line deep learning based NIDSes by constructing the detection engine with multiple advanced deep learning models and conducting a quantitative and comparative evaluation of those models. We first introduce the general deep learning methodology and its potential implication on the network intrusion detection problem. We then review multiple machine learning solutions to two network intrusion detection tasks (NSL-KDD and UNSW-NB15 datasets). We develop a TensorFlow-based deep learning library, called NetLearner, and implement a handful of cutting-edge deep learning models for NIDS. Finally, we conduct a quantitative and comparative performance evaluation of those models using NetLearner.

Dong Jin, Illinois Institute of Technology, Zhiyi Li, Illinois Institute of Technology, Christopher Hannon, Illinois Institute of Technology, Chen Chen, Argonne National Laboratory, Jianhui Wang, Argonne National Laboratory, Mohammad Shahidehpour, Illinois Institute of Technology, Cheol Won Lee, National Research Institute, South Korea.  2017.  Toward a Cyber Resilient and Secure Microgrid Using Software-Defined Networking. IEEE Transactions on Smart Grid. 8(5)

To build a resilient and secure microgrid in the face of growing cyber-attacks and cyber-mistakes, we present a software-defined networking (SDN)-based communication network architecture for microgrid operations. We leverage the global visibility, direct networking controllability, and programmability offered by SDN to investigate multiple security applications, including self-healing communication network management, real-time and uncertainty-aware communication network verification, and specification-based intrusion detection. We also expand a novel cyber-physical testing and evaluation platform that combines a power distribution system simulator (for microgrid energy services) and an SDN emulator with a distributed control environment (for microgrid communications). Experimental results demonstrate that the SDN-based communication architecture and applications can significantly enhance the resilience and security of microgrid operations against the realization of various cyber threats.

Xin Liu, Illinois Institute of Technology, Dong Jin, Illinois Institute of Technology, Cheol Won Lee, National Research Institute, South Korea, Jong Cheol Moon, National Research Institute, South Korea.  2016.  ConVenus: Congestion Verification of Network Updates in Software-defined Networks. Winter Simulation Conference (WSC).

We present ConVenus, a system that performs rapid congestion verification of network updates in softwaredefined networks. ConVenus is a lightweight middleware between the SDN controller and network devices, and is capable to intercept flow updates from the controller and verify whether the amount of traffic in any links and switches exceeds the desired capacity. To enable online verification, ConVenus dynamically identifies the minimum set of flows and switches that are affected by each flow update, and creates a compact network model. ConVenus uses a four-phase simulation algorithm to quickly compute the throughput of every flow in the network model and report network congestion. The experimental results demonstrate that ConVenus manages to verify 90% of the updates in a network consisting of over 500 hosts and 80 switches within 5 milliseconds.