Abstract
As networks grow in size, malware propagates to other networks more easily. Moreover, malware is hard to detect once it has been modified, and the complexity of current networks further weakens malware detection. For these reasons, the SDN quarantine network (SQN) architecture has been researched. We applied the improved PE-miner framework, a malware detection mechanism based on a machine learning algorithm, to the SQN 1st quarantine. The 1st quarantine is the system that filters malware using a static mechanism. In this paper, the detection rate of the improved PE-miner framework was evaluated and its real-time performance was also tested. Based on the results, we have proved that applying the PE-miner framework to the SQN 1st quarantine is permissible.
Acknowledgments
This work was supported by the Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (No. R-20160222-002755, Cloud based Security Intelligence Technology Development for the Customized Security Service Provisioning). This research was also supported by the Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (NRF-2010-0020210).
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kim, DH., Lee, SH., Doo, WS., Ahn, SI., Chung, TM. (2017). Applying PE-Miner Framework to Software Defined Network Quarantine. In: Park, J., Pan, Y., Yi, G., Loia, V. (eds) Advances in Computer Science and Ubiquitous Computing. UCAWSN CUTE CSA 2016 2016 2016. Lecture Notes in Electrical Engineering, vol 421. Springer, Singapore. https://doi.org/10.1007/978-981-10-3023-9_89
DOI: https://doi.org/10.1007/978-981-10-3023-9_89
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-3022-2
Online ISBN: 978-981-10-3023-9
eBook Packages: Engineering, Engineering (R0)