Detecting Malicious Hosts in SDN through System Call Learning

Detecting Malicious Hosts in SDN through System Call Learning

Software Defined Networking (SDN) has changed the way of designing and managing networks through programmability. However, programmability also introduces security threats. In this work we address the issue of malicious hosts running malicious applications that bypass the standard SDN based detectio...

Full description

Saved in:
Bibliographic Details
Published in:IEEE INFOCOM 2021 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS) pp. 1 - 2
Main Authors: Chasaki, Danai, Mansour, Christopher
Format: Conference Proceeding
Language:English
Published: IEEE 10-05-2021
Subjects:
Conferences
Machine learning
Monitoring
Security
Software defined networking
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Software Defined Networking (SDN) has changed the way of designing and managing networks through programmability. However, programmability also introduces security threats. In this work we address the issue of malicious hosts running malicious applications that bypass the standard SDN based detection mechanisms. The SDN security system we are proposing periodically monitors the system calls utilization of the different SDN applications installed, learns from past system behavior using machine learning classifiers, and thus accurately detects the existence of an unusual activity or a malicious application.
DOI:10.1109/INFOCOMWKSHPS51825.2021.9484586