Browsing by Author "Toker, L."

Now showing 1 - 5 of 5

Metadata only
Artificial intelligence enabled software-defined networking: A comprehensive overview
(The Institution of Engineering and Technology, 2019-03) Latah, Majd; Toker, L.; Latah, Majd
Software-defined networking (SDN) represents a promising networking architecture that combines central management and network programmability. SDN separates the control plane from the data plane and moves the network management to a central point, called the controller that can be programmed and used as the brain of the network. Recently, the research community has shown an increased tendency to benefit from the recent advancements in the artificial intelligence (AI) field to provide learning abilities and better decision making in SDN. In this study, the authors provide a detailed overview of the recent efforts to include AI in SDN. The study showed that the research efforts focused on three main sub-fields of AI namely: machine learning, meta-heuristics and fuzzy inference systems. Accordingly, in this work, the authors investigate their different application areas and potential use, as well as the improvements achieved by including AI-based techniques in the SDN paradigm.
Open Access
Load and stress testing for SDN’s northbound API
(Springer Nature, 2020-01) Latah, Majd; Toker, L.; Latah, Majd
In this work, we apply load and stress testing for well-known Software defined networking (SDN) controllers from an SDN application perspective. More precisely, we focus on the communication between the controller and SDN applications via the northbound Application programming interface (API). We apply proper load and stress testing plans, in order to correctly capture the behaviour of the controllers under consideration. Our load testing includes applying gradually increased workloads to find the throughput each controller can handle. Our stress test, on the other hand, builds upon the results of the load test and includes (1) measuring the API’s ability to handle extremely high workloads for a prolonged period of time and (2) directly attacking the underlying hosts of SDN network using Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. We considered POX, Ryu, Floodlight, OpenDayLight (ODL) and Open Network Operating System (ONOS) SDN controllers. The experimental results showed that ONOS and ODL followed by Floodlight achieve the best throughput. Whereas POX and Ryu are characterized by lower throughput accompanied with partial and/or continuous failures during high workloads or DoS/DDoS attacks.
Open Access
Minimizing false positive rate for DoS attack detection: A hybrid SDN-based approach
(Elsevier, 2020-06) Latah, Majd; Toker, L.; Latah, Majd
Denial of Service attacks (DoS) are considered to be a major threat against today's communication networks. Recently, a novel networking paradigm that provides enhanced programming abilities has been proposed to attain an efficient control and management in future networks. In this work, we take the advantage of software-defined networking (SDN) to minimize the false positive rate of DoS attack detection systems. Our system combines flow-based and packet-based approaches to minimize the false positive rate (FPR). The experimental results conducted on NSL-KDD dataset have shown the effectiveness of our proposed approach, which successfully minimized the FPR as low as 0.3%. (C) 2020 The Korean Institute of Communications and Information Sciences (KICS).
Open Access
A novel intelligent approach for detecting DoS flooding attacks in software-defined networks
(Universitas Ahmad Dahlan, 2018-03) Latah, Majd; Toker, L.; Latah, Majd
Software-Defined Networking (SDN) is an emerging networking paradigm that provides an advanced programming capability and moves the control functionality to a centralized controller. This paper proposes a two-stage novel intelligent approach that takes advantage of the SDN approach to detect Denial of Service (DoS) flooding attacks based on calculation of packet rate as the first step and followed by Support Vector Machine (SVM) classification as the second step. Flow concept is an essential idea in OpenFlow protocol, which represents a common interface between an SDN switch and an SDN controller. Therefore, our system calculates the packet rate of each flow based on flow statistics obtained by SDN controller. Once the packet rate exceeds a predefined threshold, the system will activate the packet inspection unit, which, in turn, will use the (SVM) algorithm to classify the previously collected packets. The experimental results showed that our system was able to detect DoS flooding attacks with 96.25% accuracy and 0.26% false alarm rate.
Metadata only
Towards an efficient anomaly-based intrusion detection for software-defined networks
(Institution of Engineering and Technology, 2018-08-24) Latah, Majd; Toker, L.; Latah, Majd
Software-defined networking (SDN) is a new paradigm that allows developing more flexible network applications. A SDN controller, which represents a centralised controlling point, is responsible for running various network applications as well as maintaining different network services and functionalities. Choosing an efficient intrusion detection system helps in reducing the overhead of the running controller and creates a more secure network. In this study, we investigate the performance of the well-known anomaly-based intrusion detection approaches in terms of accuracy, false alarm rate, precision, recall, f1-measure, area under receiver operator characteristic curve, execution time and McNemar's test. Precisely, the authors focus on supervised machine-learning approaches where we use the following classifiers: decision trees, extreme learning machine, Naive Bayes, linear discriminant analysis, neural networks, support vector machines, random forest, K-nearest-neighbour, AdaBoost, RUSBoost, LogitBoost and BaggingTrees where we employ the well-known NSL-KDD benchmark dataset to compare the performance of each one of these classifiers.