Skip to main content
SpringerLink
Log in

Applying PE-Miner Framework to Software Defined Network Quarantine

  • Conference paper
  • First Online:
Book cover Advances in Computer Science and Ubiquitous Computing (UCAWSN 2016, CUTE 2016, CSA 2016)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 421))

  • 1654 Accesses

Abstract

As increasing the size of network, the malware propagates to other network easily. Moreover, malware is hard to detect if it is modified. The complexity of current network also causes the weakness for malware detection. Therefore, SDN quarantine network architecture has been researched. We applied the improved PE-miner framework that is malware detection mechanism based on machine learning algorithm to the SQN 1st quarantine. 1st quarantine is the system that filtering the malware using static mechanism. In this paper, detection rate of the improved PE-miner framework was evaluated and the real-time performance was also tested. Referring the result, we have proved that applying the PE-miner framework to SQN 1st quarantine is permissible.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Seo, Y., Lee, M.: Introduction to SDN. Youngjin, Seoul (2014)

    Google Scholar 

  2. Kim, N., Jung, J., Song, Y., Kim, H., Jung, T.: The Design of SDN Quarantined Network. Electron. Inf. Res. Inf. Center. 559–560 (2014)

    Google Scholar 

  3. Nadeau, T., Gray, K.: SDN

    Google Scholar 

  4. Shafiq, M., Tabish, S., Mirza, F., Farooq, M.: PE-miner: mining structural infromation to detect malicious executables in realtime. In: International Workshop on Recent Advances in Intrusion Detection, pp. 121–141 (2009)

    Google Scholar 

  5. Kim, D., Jung, J., Chung, T.: The architecture of detecting malicious behavior in SQN quarantine using static analysis. In: Korea Society of Digital Industry and Information Management, pp. 102–105 (2015)

    Google Scholar 

  6. Virus collection (VX heaven). http://vxheaven.org/vl.php

  7. Decision Trees documentation. http://scikit-learn.org/stable/modules/tree.html#tree-algorithms

  8. Sezer, S., Hayward, S., Chounhan, P.: Are we ready for SDN? Implementation challenges for software-defined networks. IEEE Commun. Mag. 51, 36–43 (2013)

    Article  Google Scholar 

Download references

Acknowledgments

This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No. R-20160222-002755, Cloud based Security Intelligence Technology Development for the Customized Security Service Provisioning). And also this research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (NRF-2010-0020210).

Author information

Authors and Affiliations

  1. Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon, Korea

    Dong-Hee Kim, Soo-Hwan Lee & Won-Sik Doo

  2. Department of Information Seucrity, Beaksoek University, Cheonan, Korea

    Sang-Il Ahn

  3. College of Software, Sungkyunkwan University, Suwon, Korea

    Tai-Myoung Chung

Authors
  1. Dong-Hee Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Soo-Hwan Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Won-Sik Doo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sang-Il Ahn
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Tai-Myoung Chung
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dong-Hee Kim .

Editor information

Editors and Affiliations

  1. Computer Science and Engineering, Seoul National University of Science and Technology, Seoul, Korea (Republic of)

    James J. (Jong Hyuk) Park

  2. Department of Computer Science, Georgia State University, Atlanta, Georgia, USA

    Yi Pan

  3. Computer Science and Engineering, Gangneung-Wonju National University, Wonju, Korea (Republic of)

    Gangman Yi

  4. University Salerno, Fisciano, Italy

    Vincenzo Loia

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Kim, DH., Lee, SH., Doo, WS., Ahn, SI., Chung, TM. (2017). Applying PE-Miner Framework to Software Defined Network Quarantine. In: Park, J., Pan, Y., Yi, G., Loia, V. (eds) Advances in Computer Science and Ubiquitous Computing. UCAWSN CUTE CSA 2016 2016 2016. Lecture Notes in Electrical Engineering, vol 421. Springer, Singapore. https://doi.org/10.1007/978-981-10-3023-9_89

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-3023-9_89

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-3022-2

  • Online ISBN: 978-981-10-3023-9

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation