虛擬講堂進入演講
講 題A Behaviour-based Security Analysis Model for Intrusion Detection in SDN Environment
講 者Hsiao-Chung Lin, Ping Wang, Chi-Chun Lo
日 期2018/10/25長 度00:09:26人 氣120 次
摘 要
SDN is an effective method to assist managers dynamically managing network configuration for a large number of network devices, topology, and traffic paths to perceive cyber threats in controlled networks. However, numerous cyber attacks were targeted at the three SDN architecture layers where the SDN-based systems may open the specific vulnerability for threats. Consequently, intruders may inevitably exploit information systems to successfully compromise SDN controller or the relevant devices. Accordingly, the present study proposes an improved scheme for solving threat detection problems in SDN-based networks using a behaviour-based support vector machine (SVM) to categorise network threats in a network intrusion detection system. In the proposed approach, the proposed model adopts the decision tree theory with ranking score to determine the most qualified features to train the support vector classifier (SVC); this is accomplished by considering the overall detection precision rate of experiments, which accelerates the learning of normal and intrusive patterns and increases the accuracy of intrusion detection. The effectiveness of the proposed approach was evaluated by the Mininet with the metric, accuracy, false positive rate and ROC curve. A cross-validation scheme was used for solving classification accuracy problems by using SVMs associated with the NSL-KDD and UNSW-NB15 dataset. For three sizings (N) of behavioural features and when N = 23, the prediction accuracy for cyber-attack detection was up to 99.38% and with a faster detection speed relative to that when using complete behavioural features (N = 41) .
提 供TANET台灣網際網路研討會-TANET2018
進入演講