Network Flow-Based Dataset Generator Based on OpenFlow SDN
Published in: | 2023 International Conference on Information Technology and Computing (ICITCOM) pp. 285 - 290 |
---|---|
Format: | Conference Proceeding |
Language: | English |
Published: | IEEE 01-12-2023 |
Summary: | Machine learning methods have solid accuracy in detecting cyber attacks at the network layer. Nevertheless, the per-packet detection model is not scalable for high-speed networks due to the sheer number of packet detections per second. Recent studies show that network flow-based detection has better scalability and applicability for network layer protection. However, the existing flow-based datasets are impractical since they require packet logging and post-processing for feature extraction. This study proposed a dataset converter that generates a flow-based dataset based on existing per-packet-based log data using the OpenFlow switch and SDN controllers. It serves as proof of compatibility and practicability that the trained model can be directly implemented on real switches, particularly the SDN switch. The proposed dataset converter can work in an asynchronous mode that precisely converts the dataset regardless of the original speed of the network log data. The test results on a slow DDoS attack dataset show that the converter can generate flow-based datasets with smaller data sizes and better insight regarding the attack pattern. |
---|---|
DOI: | 10.1109/ICITCOM60176.2023.10442625 |