Abstract
Software Defined Network (SDN) separates the control plane from the data plane and provides programmability, which adds rich functionality for anomaly detection. Each organization can therefore manage its own network and detect anomalous traffic using the SDN architecture. Moreover, malicious traffic, such as DDoS attacks, would be detected with much higher accuracy if these organizations shared their data. Unfortunately, they are unwilling to do so because of privacy considerations. To resolve this conflict, we propose an efficient and privacy-preserving collaborative anomaly detection scheme. We extend prior work on SDN-based anomaly detection to guarantee accuracy and privacy at the same time. The implementation of our design on simulated data shows that it performs well for network-wide anomaly detection with little overhead.
Acknowledgment
The research work reported in this paper is supported by the National Science Foundation of China under Grant Nos. 61100172, 61272512 and 61402037, the Program for New Century Excellent Talents in University (NCET-12-0046), Beijing Natural Science Foundation No. 4132054, and the Beijing Institute of Technology Research Fund Program for Young Scholars.
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Bian, H., Zhu, L., Shen, M., Wang, M., Xu, C., Zhang, Q. (2016). Privacy-Preserving Anomaly Detection Across Multi-domain for Software Defined Networks. In: Yung, M., Zhang, J., Yang, Z. (eds) Trusted Systems. INTRUST 2015. Lecture Notes in Computer Science, vol 9565. Springer, Cham. https://doi.org/10.1007/978-3-319-31550-8_1
DOI: https://doi.org/10.1007/978-3-319-31550-8_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-31549-2
Online ISBN: 978-3-319-31550-8
eBook Packages: Computer Science, Computer Science (R0)