Browsing by Author "Latah, Majd"

Now showing 1 - 10 of 10

Metadata only
Artificial intelligence enabled software-defined networking: A comprehensive overview
(The Institution of Engineering and Technology, 2019-03) Latah, Majd; Toker, L.; Latah, Majd
Software-defined networking (SDN) represents a promising networking architecture that combines central management and network programmability. SDN separates the control plane from the data plane and moves the network management to a central point, called the controller that can be programmed and used as the brain of the network. Recently, the research community has shown an increased tendency to benefit from the recent advancements in the artificial intelligence (AI) field to provide learning abilities and better decision making in SDN. In this study, the authors provide a detailed overview of the recent efforts to include AI in SDN. The study showed that the research efforts focused on three main sub-fields of AI namely: machine learning, meta-heuristics and fuzzy inference systems. Accordingly, in this work, the authors investigate their different application areas and potential use, as well as the improvements achieved by including AI-based techniques in the SDN paradigm.
Metadata only
Blockchain-based authentication and authorization for software defined networks
Latah, Majd; Kalkan, Kübra; Çakmakçı, Kübra Kalkan; Arı, İsmail; Alagöz, F.; Levi, A.; Department of Computer Science
Software-defined networking (SDN) is a novel networking paradigm that allows a simple and flexible management of the underlying forwarding devices through a centralized controller. However, SDN suffers from different security issues that may paralyze the whole network when the controller is under attack. Blockchain (BC) is considered a new technology that provides a decentralized distributed ledger, which can be used to protect the SDN controller from other malicious components in the network. In this thesis, we investigate the integration between SDN and BC technology. We focus on BC-enabled authentication and authorization for SDNs. First, we propose, DPSec, a blockchain-based data plane authentication protocol for SDNs. Second, we improve the performance of BC-enabled SDN by proposing a component-wise waiting time approach. We also utilize lattice-based signatures and Key Encapsulation Methods (KEMs) to improve the security of BC-SDN. Third, we introduce, HostSec, a blockchain-based approach that provides mutual host-controller, Packet-In/Packet-Out and host-host authentication for SDNs. Fourth, we propose, SDN-API-Sec, a blockchain-based access control method for cross-domain SDNs by utilizing BC smart contracts. The results suggest a trade-off between security and latency.
Metadata only
CWT-DPA: Component-wise waiting time for BC-enabled data plane authentication
(Elsevier, 2022-11-24) Latah, Majd; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Latah, Majd
Software-Defined Networking (SDN) is a promising networking paradigm that brings central management and network programmability to improve existing networking systems. However, SDN has several security threats due to its untrusted control and data planes. Blockchain (BC) technology has recently provided a fault-tolerant, decentralized, and immutable ledger among untrusted parties. While the integration between SDN and BC enhances the security, it suffers from performance degradation when applied to SDN's data plane. In traditional BC-SDN approaches, such as our previous work DPSEC (Latah and Kalkan, 2020), every switch has to wait for the final commitment of each submitted transaction, which significantly decreases the performance of the BC-SDN model. In this work, we enhance the performance of BC-SDN data plane approaches by separating switch-related and host-related transactions and propose a different waiting strategy for each type of data plane transaction. We also propose a batching technique to enhance the average latency for high-load scenarios. In addition, SDN switches and controllers utilize lattice-based signatures and Key Encapsulation Methods (KEMs) to protect against quantum adversaries. We compare the performance of CWT-DPA with existing solutions such as SSL/TLSv1.3, DPSEC (Latah and Kalkan, 2020), and AuthFlow (Mattos and Duarte, 2016).
Metadata only
Detection of malicious social bots: A survey and a refined taxonomy
(Elsevier, 2020-08-01) Latah, Majd; Latah, Majd
Social hots represent a new generation of hots that make use of online social networks (OSNs) as command and control (C&C) channels. Malicious social hots have been used as tools for launching large-scale spam campaigns, promoting low-cap stocks, manipulating users' digital influence, and conducting political astroturfing. Recent studies in this area either focus only on general security issues related to social networks or on coarse-grained categorization to support detection approaches. This survey aims to provide a comprehensive analysis from a social network perspective. To this end, we first categorize social bot attacks at different stages, then provide an overview of different types of social hots. Next, we propose a refined taxonomy that shows how different techniques within a category are related or differ from each other, followed by a detailed discussion of the strengths and limitations of each method. Following this, we review the existing datasets and summarize the results of empirical investigations. Finally, we highlight the limitations of existing detection approaches and suggest future directions for further improvement. Our study should help OSN administrators and researchers understand the destructive potential of malicious social hots and improve upon the current defensive strategies.
Metadata only
DPSec: A blockchain-based data plane authentication protocol for SDNs
(IEEE, 2020-11-02) Latah, Majd; Çakmakçı, Kübra Kalkan; Computer Science; Alsmirat, M.; Jararweh, Y.; Aloqaily, M.; Ozkasap, O.; ÇAKMAKCİ, Kübra Kalkan; Latah, Majd
Software-Defined Networking (SDN) is a promising networking architecture that enables central management along with network programmability. However, SDN brings additional security threats due to untrusted control and data planes. In this work, we focus on authenticating SDN's data plane since it can be exploited to attack SDN's control plane. As a result, the whole SDN network will be paralysed. On the other hand, Blockchain (BC) can be utilized to provide more secure data plane by introducing a fault-tolerant, decentralized and secure ledger without relying on any trusted third-party intermediaries. To this end, in this work we propose, DPSec, a consortium BC-based protocol for authenticating SDN's data plane including SDN switches and hosts. We also provide a proof-of-concept that demonstrates the applicability and feasibility of our protocol in SDNs. Finally, we present a security analysis that shows how DPSec can address several attacks against SDNs including CVE-2018-1000155 vulnerability [1] that targets SDN controllers due to the untrusted data plane.
Open Access
Load and stress testing for SDN’s northbound API
(Springer Nature, 2020-01) Latah, Majd; Toker, L.; Latah, Majd
In this work, we apply load and stress testing for well-known Software defined networking (SDN) controllers from an SDN application perspective. More precisely, we focus on the communication between the controller and SDN applications via the northbound Application programming interface (API). We apply proper load and stress testing plans, in order to correctly capture the behaviour of the controllers under consideration. Our load testing includes applying gradually increased workloads to find the throughput each controller can handle. Our stress test, on the other hand, builds upon the results of the load test and includes (1) measuring the API’s ability to handle extremely high workloads for a prolonged period of time and (2) directly attacking the underlying hosts of SDN network using Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. We considered POX, Ryu, Floodlight, OpenDayLight (ODL) and Open Network Operating System (ONOS) SDN controllers. The experimental results showed that ONOS and ODL followed by Floodlight achieve the best throughput. Whereas POX and Ryu are characterized by lower throughput accompanied with partial and/or continuous failures during high workloads or DoS/DDoS attacks.
Open Access
Minimizing false positive rate for DoS attack detection: A hybrid SDN-based approach
(Elsevier, 2020-06) Latah, Majd; Toker, L.; Latah, Majd
Denial of Service attacks (DoS) are considered to be a major threat against today's communication networks. Recently, a novel networking paradigm that provides enhanced programming abilities has been proposed to attain an efficient control and management in future networks. In this work, we take the advantage of software-defined networking (SDN) to minimize the false positive rate of DoS attack detection systems. Our system combines flow-based and packet-based approaches to minimize the false positive rate (FPR). The experimental results conducted on NSL-KDD dataset have shown the effectiveness of our proposed approach, which successfully minimized the FPR as low as 0.3%. (C) 2020 The Korean Institute of Communications and Information Sciences (KICS).
Open Access
A novel intelligent approach for detecting DoS flooding attacks in software-defined networks
(Universitas Ahmad Dahlan, 2018-03) Latah, Majd; Toker, L.; Latah, Majd
Software-Defined Networking (SDN) is an emerging networking paradigm that provides an advanced programming capability and moves the control functionality to a centralized controller. This paper proposes a two-stage novel intelligent approach that takes advantage of the SDN approach to detect Denial of Service (DoS) flooding attacks based on calculation of packet rate as the first step and followed by Support Vector Machine (SVM) classification as the second step. Flow concept is an essential idea in OpenFlow protocol, which represents a common interface between an SDN switch and an SDN controller. Therefore, our system calculates the packet rate of each flow based on flow statistics obtained by SDN controller. Once the packet rate exceeds a predefined threshold, the system will activate the packet inspection unit, which, in turn, will use the (SVM) algorithm to classify the previously collected packets. The experimental results showed that our system was able to detect DoS flooding attacks with 96.25% accuracy and 0.26% false alarm rate.
Metadata only
Towards an efficient anomaly-based intrusion detection for software-defined networks
(Institution of Engineering and Technology, 2018-08-24) Latah, Majd; Toker, L.; Latah, Majd
Software-defined networking (SDN) is a new paradigm that allows developing more flexible network applications. A SDN controller, which represents a centralised controlling point, is responsible for running various network applications as well as maintaining different network services and functionalities. Choosing an efficient intrusion detection system helps in reducing the overhead of the running controller and creates a more secure network. In this study, we investigate the performance of the well-known anomaly-based intrusion detection approaches in terms of accuracy, false alarm rate, precision, recall, f1-measure, area under receiver operator characteristic curve, execution time and McNemar's test. Precisely, the authors focus on supervised machine-learning approaches where we use the following classifiers: decision trees, extreme learning machine, Naive Bayes, linear discriminant analysis, neural networks, support vector machines, random forest, K-nearest-neighbour, AdaBoost, RUSBoost, LogitBoost and BaggingTrees where we employ the well-known NSL-KDD benchmark dataset to compare the performance of each one of these classifiers.
Metadata only
When SDN and blockchain shake hands
(Wiley, 2022-09) Latah, Majd; Çakmakçı, Kübra Kalkan; Computer Science; ÇAKMAKCİ, Kübra Kalkan; Latah, Majd
A survey of recent efforts to combine SDN and BC shows promising results and points to directions for future research.