Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network
Decoupled data and control planes in Software Defined Networks (SDN) allow them to handle an increasing number of threats by limiting harmful network links at the switching stage. As storage, high-end servers, and network devices, Network Function Virtualization (NFV) is designed to replace purpose-...
Main Authors: | , , , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2022-01-01
|
Series: | Sensors |
Subjects: | |
Online Access: | https://www.mdpi.com/1424-8220/22/3/709 |
_version_ | 1797484882686902272 |
---|---|
author | Senthil Prabakaran Ramalakshmi Ramar Irshad Hussain Balasubramanian Prabhu Kavin Sultan S. Alshamrani Ahmed Saeed AlGhamdi Abdullah Alshehri |
author_facet | Senthil Prabakaran Ramalakshmi Ramar Irshad Hussain Balasubramanian Prabhu Kavin Sultan S. Alshamrani Ahmed Saeed AlGhamdi Abdullah Alshehri |
author_sort | Senthil Prabakaran |
collection | DOAJ |
description | Decoupled data and control planes in Software Defined Networks (SDN) allow them to handle an increasing number of threats by limiting harmful network links at the switching stage. As storage, high-end servers, and network devices, Network Function Virtualization (NFV) is designed to replace purpose-built network elements with VNFs (Virtualized Network Functions). A Software Defined Network Function Virtualization (SDNFV) network is designed in this paper to boost network performance. Stateful firewall services are deployed as VNFs in the SDN network in this article to offer security and boost network scalability. The SDN controller’s role is to develop a set of guidelines and rules to avoid hazardous network connectivity. Intruder assaults that employ numerous socket addresses cannot be adequately protected by these strategies. Machine learning algorithms are trained using traditional network threat intelligence data to identify potentially malicious linkages and probable attack targets. Based on conventional network data (DT), Bayesian Network (BayesNet), Naive-Bayes, C4.5, and Decision Table (DT) algorithms are used to predict the target host that will be attacked. The experimental results shows that the Bayesian Network algorithm achieved an average prediction accuracy of 92.87%, Native–Bayes Algorithm achieved an average prediction accuracy of 87.81%, C4.5 Algorithm achieved an average prediction accuracy of 84.92%, and the Decision Tree algorithm achieved an average prediction accuracy of 83.18%. There were 451 k login attempts from 178 different countries, with over 70 k source IP addresses and 40 k source port addresses recorded in a large dataset from nine honeypot servers. |
first_indexed | 2024-03-09T23:11:55Z |
format | Article |
id | doaj.art-95ea309bf911433bbcd8ca9930c4ed96 |
institution | Directory Open Access Journal |
issn | 1424-8220 |
language | English |
last_indexed | 2024-03-09T23:11:55Z |
publishDate | 2022-01-01 |
publisher | MDPI AG |
record_format | Article |
series | Sensors |
spelling | doaj.art-95ea309bf911433bbcd8ca9930c4ed962023-11-23T17:44:00ZengMDPI AGSensors1424-82202022-01-0122370910.3390/s22030709Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN NetworkSenthil Prabakaran0Ramalakshmi Ramar1Irshad Hussain2Balasubramanian Prabhu Kavin3Sultan S. Alshamrani4Ahmed Saeed AlGhamdi5Abdullah Alshehri6Department of Computer Science and Engineering, Karpagam College of Engineering, Coimbatore 641032, Tamil Nadu, IndiaDepartment of Computer Science and Engineering, Kalasalingam Academy of Research and Education, Krishnankoil 626126, Tamil Nadu, IndiaFaculty of Electrical and Computer Engineering, University of Engineering and Technology, Peshawar 25000, PakistanSri Ramachandra Faculty of Engineering and Technology, Sri Ramachandra Institute of Higher Education and Research, Porur, Chennai 600116, Tamil Nadu, IndiaDepartment of Information Technology, College of Computer and Information Technology, Taif University, P.O. Box 11099, Taif 21944, Saudi ArabiaDepartment of Computer Engineering, College of Computer and Information Technology, Taif University, P.O. Box 11099, Taif 21944, Saudi ArabiaDepartment of Information Technology, Al Baha University, P.O. Box 1988, Al Baha 65431, Saudi ArabiaDecoupled data and control planes in Software Defined Networks (SDN) allow them to handle an increasing number of threats by limiting harmful network links at the switching stage. As storage, high-end servers, and network devices, Network Function Virtualization (NFV) is designed to replace purpose-built network elements with VNFs (Virtualized Network Functions). A Software Defined Network Function Virtualization (SDNFV) network is designed in this paper to boost network performance. Stateful firewall services are deployed as VNFs in the SDN network in this article to offer security and boost network scalability. The SDN controller’s role is to develop a set of guidelines and rules to avoid hazardous network connectivity. Intruder assaults that employ numerous socket addresses cannot be adequately protected by these strategies. Machine learning algorithms are trained using traditional network threat intelligence data to identify potentially malicious linkages and probable attack targets. Based on conventional network data (DT), Bayesian Network (BayesNet), Naive-Bayes, C4.5, and Decision Table (DT) algorithms are used to predict the target host that will be attacked. The experimental results shows that the Bayesian Network algorithm achieved an average prediction accuracy of 92.87%, Native–Bayes Algorithm achieved an average prediction accuracy of 87.81%, C4.5 Algorithm achieved an average prediction accuracy of 84.92%, and the Decision Tree algorithm achieved an average prediction accuracy of 83.18%. There were 451 k login attempts from 178 different countries, with over 70 k source IP addresses and 40 k source port addresses recorded in a large dataset from nine honeypot servers.https://www.mdpi.com/1424-8220/22/3/709software defined networknetwork function virtualizationfirewallSDNFVattack predictionmachine learning |
spellingShingle | Senthil Prabakaran Ramalakshmi Ramar Irshad Hussain Balasubramanian Prabhu Kavin Sultan S. Alshamrani Ahmed Saeed AlGhamdi Abdullah Alshehri Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network Sensors software defined network network function virtualization firewall SDNFV attack prediction machine learning |
title | Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network |
title_full | Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network |
title_fullStr | Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network |
title_full_unstemmed | Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network |
title_short | Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network |
title_sort | predicting attack pattern via machine learning by exploiting stateful firewall as virtual network function in an sdn network |
topic | software defined network network function virtualization firewall SDNFV attack prediction machine learning |
url | https://www.mdpi.com/1424-8220/22/3/709 |
work_keys_str_mv | AT senthilprabakaran predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork AT ramalakshmiramar predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork AT irshadhussain predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork AT balasubramanianprabhukavin predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork AT sultansalshamrani predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork AT ahmedsaeedalghamdi predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork AT abdullahalshehri predictingattackpatternviamachinelearningbyexploitingstatefulfirewallasvirtualnetworkfunctioninansdnnetwork |