Visible to the public Zero-Day Attack Detection and Prevention in Software-Defined Networks

TitleZero-Day Attack Detection and Prevention in Software-Defined Networks
Publication TypeConference Paper
Year of Publication2019
AuthorsAl-Rushdan, Huthifh, Shurman, Mohammad, Alnabelsi, Sharhabeel H., Althebyan, Qutaibah
Conference Name2019 International Arab Conference on Information Technology (ACIT)
KeywordsCollaboration, composability, controller, Intrusion Detection System (IDS), Mininet, policy-based governance, pubcrawl, sandbox, Sandboxing, SDN, Switch, zero-day attack
AbstractThe zero-day attack in networks exploits an undiscovered vulnerability, in order to affect/damage networks or programs. The term “zero-day” refers to the number of days available to the software or the hardware vendor to issue a patch for this new vulnerability. Currently, the best-known defense mechanism against the zero-day attacks focuses on detection and response, as a prevention effort, which typically fails against unknown or new vulnerabilities. To the best of our knowledge, this attack has not been widely investigated for Software-Defined Networks (SDNs). Therefore, in this work we are motivated to develop anew zero-day attack detection and prevention mechanism, which is designed and implemented for SDN using a modified sandbox tool, named Cuckoo. Our experiments results, under UNIX system, show that our proposed design successfully stops zero-day malwares by isolating the infected client, and thus, prevents these malwares from infesting other clients.
DOI10.1109/ACIT47987.2019.8991124
Citation Keyal-rushdan_zero-day_2019