Machine Learning based Anomaly Detection for 5G Networks (original) (raw)
Related papers
Anomaly based Intrusion Detection using Neural Networks in 5G Network
International Journal for Research in Applied Science and Engineering Technology (IJRASET) , 2021
Ensuring the organizations of tomorrow is set to be a difficult space due to expanding digital protection dangers and enlarging assault surfaces made by the Internet of Things (IoT), expanded organization heterogeneity, expanded utilization of virtualisation innovations and circulated structures. This paper proposes SDS (Software Defined Security) which is a method gives mechanized, adaptable and versatile framework. SDS will tackle momentum progresses in AI to plan a CNN (Convolutional Neural Network) utilizing NAS (Neural Architecture Search) to distinguish irregular organization traffic. SDS can be applied to an interruption location framework to make a more proactive and start to finish protection for a 5G organization. To test this presumption, ordinary and irregular organization streams from a mimicked climate have been gathered and examined with a CNN. The outcomes from this strategy are promising as the model has recognized harmless traffic with a 100% exactness rate and irregular traffic with a 96.4% identification rate. This exhibits the viability of organization stream investigation for an assortment of normal pernicious assaults and furthermore gives a suitable alternative to discovery of encoded vindictive organization traffic.
USING MACHINE LEARNING IN A SOFTWARE DEFINED SECURITY NETWORKING APPROACH FOR INTRUSION DETECTION
Security is now the order of the day, the rate at which cybersecurity is collapsing business and altering election in some countries. Warren Buffett made claims considering that the cyber threat is dangerous to humanity, which is considered more than a nuclear weapon. Statistically, ransomware increased in by 36% in 2017. Where business policies are being hijacked still there is a ransom has been paid. (Mason, 2018) This calls for the research into identifying and resolving intrusion. Network Intrusion Detection Systems(NIDS) for an essential part of any network security setup. They provide a layer of defence that monitors network traffic for predefined suspicious activities or patterns, and alert system administrators when potential hostile traffic is detected. Over the years, several efforts have been made to prevent intruders from evading network setups. Successfully, several improvements have also been made. Examples of which are Good password policy, Update regularly, Securing the router, Proper backing up of data, Educating the employees, Breach response, Installing centralised firewalls, Encrypted transmission. Despite all these improvements and techniques, attackers have devised another means of evading privacy know as Man In The Middle (MITM) attacks, where an attacker intercepts traffic before it gets to the destination server. The MITM attack involves three protagonists: Control layer, Infrastructure layer, and attacker. Here the attacker pretends to be the control layer or the infrastructure layer depending on how to communicate first; for example, if the control layer starts the communication, the hacker plays the role of the infrastructure layer. Which allows him to monitor all network traffic between layers and to obtain information (passwords, access system) using ARP spoofing techniques. This project is aimed at designing and implementing a means of preventing, detect, and treat attacks such as arp spoofing, which a MITM attack, using machine learning in a software-defined security networking approach.
Early Detection of Abnormal Attacks in Software-Defined Networking Using Machine Learning Approaches
Symmetry
Recent developments have made software-defined networking (SDN) a popular technology for solving the inherent problems of conventional distributed networks. The key benefit of SDN is the decoupling between the control plane and the data plane, which makes the network more flexible and easier to manage. SDN is a new generation network architecture; however, its configuration settings are centralized, making it vulnerable to hackers. Our study investigated the feasibility of applying artificial intelligence technology to detect abnormal attacks in an SDN environment based on the current unit network architecture; therefore, the concept of symmetry includes the sustainability of SDN applications and robust performance of machine learning (ML) models in the case of various malicious attacks. In this study, we focus on the early detection of abnormal attacks in an SDN environment. On detection of malicious traffic in SDN topology, the AI module in the topology is applied to detect and ac...
Machine Learning for Securing SDN based 5G Network
International Journal of Computer Applications
The fifth-generation (5G) network supports many systems such as reliable communication in potential applications that require maximum security. Advancement in Software-Defined Networking (SDN) is growing with the emerging network architectures targeted from many servers with the various types of Distributed Denial of Service (DDoS) attackers. When malicious users send DDoS attacks, the SDN based 5G networks face security problems and challenges. Despite the security solutions for preventing DDoS attacks in SDN, securing the SDN controller is one of the challenging problems. The purpose of this research is to analyze the suitable machine learning (ML) for securing the SDN controller targeted by DDoS attacks. This paper proposes a security scheme that includes the ML algorithm, adaptive bandwidth mechanism, and dynamic threshold technique. Therefore, the main focus is on the mitigation scheme of DDoS attacks considered in SDN controller through the ML trained model. In this scheme, the proposed approach uses the best ML as a method for finding security solutions that enhance the security of the SDN controller and network performance. In this method, the Extreme Gradient Boosting (XGBoost) and other ML algorithms were used, which not only enhance the accuracy of the security solutions but also improve the overall network performance.
Convolution Neural Network Machine Learning Algorithm Prediction Model for Intrusion Detection
International Journal of Scientific Research in Science, Engineering and Technology, 2022
Software Defined Networking (SDN) is evolving as a brand-new approach to the growth and innovation of the Internet. Since SDN can offer controllable, dynamic, and affordable networking, it is anticipated to be the Internet's ideal future. A rare chance to achieve network security in a more effective and flexible way is presented by the introduction of SDN. Because it has centralised control, SDN has the advantage of better network security provisioning as compared to traditional networks. However, in order to increase SDN security, it is necessary to address a number of additional network security challenges brought about by the SDN architecture's flexibility. The centralised controller, the control-data interface, and the control-application interfaces are the SDN's original structural weaknesses. Intruders may take advantage of these weaknesses.to conduct several types of attacks. A crucial component of network architecture known as the Network Intrusion Detection System (NIDS) is utilised to identify network intrusions and secure the entire network. Using Deep Learning (DL) methods, we suggest an SDN-based NIDS (DeepIDS) in this thesis to look for anomalies in the SDN architecture. First, using various flow features, we assess the capability of DL for flow-based anomaly identification. We demonstrate through studies that the DL technique has the capacity to detect flow-based anomalies in the SDN context. We also suggest a Gated Recurrent Unit Recurrent Neural Network to boost DeepIDS's detection rate. Our experimental findings demonstrate that the suggested model considerably increases the detection rate without degrading network performance. The effectiveness of our system in terms of precision, throughput, latency, and resource utilisation demonstrates that DeepIDS does not negatively impact the OpenFlow controller's performance, making it a workable strategy. Finally, we present an unsupervised method to address the issue of an unlabelled and unbalanced dataset. This method results in a significant reduction in processing time while producing a high detection rate. Through thorough experimental evaluations, we determine that our suggested strategy we conclude that our proposed approach exhibits a strong potential for intrusion detection in the SDN environments.
A Deep Learning Framework to Enhance Software Defined Networks Security
2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA)
Software-Defined Networks (SDN) initiates a novel networking model. SDN proposes the separation of forward and control planes by introducing a new independent plane called network controller. The architecture enhances the network resilient, decompose management complexity, and support more straightforward network policies enforcement. However, the model suffers from severe security threats. Specifically, a centralized network controller is a precious target for two reasons. First, the controller is located at a central point between the application and data planes. Second, a controller is software which prone to vulnerabilities, e.g., buffer and stack overflow. Hence, providing security measures is a crucial procedure towards the fully unleash of the new model capabilities. Intrusion detection is an option to enhance the networking security. Several approaches were proposed, for instance, signature-based, and anomaly detection. Anomaly detection is a broad approach deployed by various methods, e.g., machine learning. For many decades intrusion detection solution suffers performance and accuracy deficiencies. This paper revisits network anomalies detection as recent advances in machine learning particularly deep learning proofed success in many areas like computer vision and speech recognition. The study proposes an intrusion detection framework based on unsupervised deep learning algorithms.
Deep learning approach for Network Intrusion Detection in Software Defined Networking
2016 International Conference on Wireless Networks and Mobile Communications (WINCOM), 2016
Software Defined Networking (SDN) has recently emerged to become one of the promising solutions for the future Internet. With the logical centralization of controllers and a global network overview, SDN brings us a chance to strengthen our network security. However, SDN also brings us a dangerous increase in potential threats. In this paper, we apply a deep learning approach for flow-based anomaly detection in an SDN environment. We build a Deep Neural Network (DNN) model for an intrusion detection system and train the model with the NSL-KDD Dataset. In this work, we just use six basic features (that can be easily obtained in an SDN environment) taken from the fortyone features of NSL-KDD Dataset. Through experiments, we confirm that the deep learning approach shows strong potential to be used for flow-based anomaly detection in SDN environments.
Dynamic management of a deep learning-based anomaly detection system for 5G networks
Journal of Ambient Intelligence and Humanized Computing, 2018
Fog and mobile edge computing (MEC) will play a key role in the upcoming fifth generation (5G) mobile networks to support decentralized applications, data analytics and management into the network itself by using a highly distributed compute model. Furthermore, increasing attention is paid to providing user-centric cybersecurity solutions, which particularly require collecting, processing and analyzing significantly large amount of data traffic and huge number of network connections in 5G networks. In this regard, this paper proposes a MECoriented solution in 5G mobile networks to detect network anomalies in real-time and in autonomic way. Our proposal uses deep learning techniques to analyze network flows and to detect network anomalies. Moreover, it uses policies in order to provide an efficient and dynamic management system of the computing resources used in the anomaly detection process. The paper presents relevant aspects of the deployment of the proposal and experimental results to show its performance.
Integration of Machine Learning-Based Attack Detectors into Defensive Exercises of a 5G Cyber Range
Applied Sciences
Cybercrime has become more pervasive and sophisticated over the years. Cyber ranges have emerged as a solution to keep pace with the rapid evolution of cybersecurity threats and attacks. Cyber ranges have evolved to virtual environments that allow various IT and network infrastructures to be simulated to conduct cybersecurity exercises in a secure, flexible, and scalable manner. With these training environments, organizations or individuals can increase their preparedness and proficiency in cybersecurity-related tasks while helping to maintain a high level of situational awareness. SPIDER is an innovative cyber range as a Service (CRaaS) platform for 5G networks that offer infrastructure emulation, training, and decision support for cybersecurity-related tasks. In this paper, we present the integration in SPIDER of defensive exercises based on the utilization of machine learning models as key components of attack detectors. Two recently appeared network attacks, cryptomining using b...
Future Internet, 2021
Software-defined Networking (SDN) has recently developed and been put forward as a promising and encouraging solution for future internet architecture. Managed, the centralized and controlled network has become more flexible and visible using SDN. On the other hand, these advantages bring us a more vulnerable environment and dangerous threats, causing network breakdowns, systems paralysis, online banking frauds and robberies. These issues have a significantly destructive impact on organizations, companies or even economies. Accuracy, high performance and real-time systems are essential to achieve this goal successfully. Extending intelligent machine learning algorithms in a network intrusion detection system (NIDS) through a software-defined network (SDN) has attracted considerable attention in the last decade. Big data availability, the diversity of data analysis techniques, and the massive improvement in the machine learning algorithms enable the building of an effective, reliable...