Towards a Machine Learning Based Situational Awareness Framework for Cybersecurity: An SDN Implementation
The ever-increasing number of internet-connected devices, along with the continuous evolution of cyber-attacks, in terms of volume and ingenuity, has led to a widened cyber-threat landscape, rendering infrastructures prone to malicious attacks. Towards addressing systems’ vulnerabilities and allevia...
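Main Authors: | Yannis Nikoloudakis, Ioannis Kefaloukos, Stylianos Klados, Spyros Panagiotakis, Evangelos Pallis, Charalabos Skianis, Evangelos K. Markakis |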
---|---|
Format: | Article |
Language: | English |
Published: | MDPI AG, 2021-07-01 |
Series: | Sensors |
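Subjects: | situational awareness; intrusion detection systems; vulnerability assessment; machine learning; SDN; software defined networking |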
Online Access: | https://www.mdpi.com/1424-8220/21/14/4939 |
_version_ | 1797526088523448320 |
---|---|
author | Yannis Nikoloudakis; Ioannis Kefaloukos; Stylianos Klados; Spyros Panagiotakis; Evangelos Pallis; Charalabos Skianis; Evangelos K. Markakis |
author_sort | Yannis Nikoloudakis |
collection | DOAJ |
description | The ever-increasing number of internet-connected devices, along with the continuous evolution of cyber-attacks, in terms of volume and ingenuity, has led to a widened cyber-threat landscape, rendering infrastructures prone to malicious attacks. Towards addressing systems’ vulnerabilities and alleviating the impact of these threats, this paper presents a machine learning based situational awareness framework that detects existing and newly introduced network-enabled entities, utilizing the real-time awareness feature provided by the SDN paradigm, assesses them against known vulnerabilities, and assigns them to a connectivity-appropriate network slice. The assessed entities are continuously monitored by an ML-based IDS, which is trained with an enhanced dataset. Our endeavor aims to demonstrate that a neural network, trained with heterogeneous data stemming from the operational environment (common vulnerability enumeration IDs that correlate attacks with existing vulnerabilities), can achieve more accurate prediction rates than a conventional one, thus addressing some aspects of the situational awareness paradigm. The proposed framework was evaluated within a real-life environment and the results revealed an increase of more than 4% in the overall prediction accuracy. |
first_indexed | 2024-03-10T09:24:12Z |
format | Article |
id | doaj.art-f189e25cd3fc40ee9697ecec9b15063f |
institution | Directory Open Access Journal |
issn | 1424-8220 |
language | English |
last_indexed | 2024-03-10T09:24:12Z |
publishDate | 2021-07-01 |
publisher | MDPI AG |
record_format | Article |
series | Sensors |
spelling | doaj.art-f189e25cd3fc40ee9697ecec9b15063f; 2023-11-22T04:58:16Z; eng; MDPI AG; Sensors; 1424-8220; 2021-07-01; 21; 14; 4939; 10.3390/s21144939; Yannis Nikoloudakis (Department of Information & Communications Systems Engineering, University of the Aegean, Neo Karlovasi, 83200 Samos, Greece); Ioannis Kefaloukos (Electrical and Computer Engineering Department, Hellenic Mediterranean University, Herakleion, 71410 Crete, Greece); Stylianos Klados (Electrical and Computer Engineering Department, Hellenic Mediterranean University, Herakleion, 71410 Crete, Greece); Spyros Panagiotakis (Electrical and Computer Engineering Department, Hellenic Mediterranean University, Herakleion, 71410 Crete, Greece); Evangelos Pallis (Electrical and Computer Engineering Department, Hellenic Mediterranean University, Herakleion, 71410 Crete, Greece); Charalabos Skianis (Department of Information & Communications Systems Engineering, University of the Aegean, Neo Karlovasi, 83200 Samos, Greece); Evangelos K. Markakis (Electrical and Computer Engineering Department, Hellenic Mediterranean University, Herakleion, 71410 Crete, Greece) |
title | Towards a Machine Learning Based Situational Awareness Framework for Cybersecurity: An SDN Implementation |
topic | situational awareness; intrusion detection systems; vulnerability assessment; machine learning; SDN; software defined networking |
url | https://www.mdpi.com/1424-8220/21/14/4939 |