TY - GEN
T1 - Host independent and distributed detection system of the network attack by using OpenFlow
AU - Miyazaki, Ryosuke
AU - Kawamoto, Junpei
AU - Matsumoto, Shinichi
AU - Sakurai, Kouichi
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/4/13
Y1 - 2017/4/13
N2 - Recently, there are many types of cyber attacks and we should detect as many types as possible. In order to detect a wide variety of attacks, a complete distributed multi-Agent system is proposed. However, it requires the software installation in all hosts. The lack of resources also makes it hard to introduce the system to the devices. In this paper, we design a distributed defense algorithm employing a multi-Agent system. However, it is hard to detect the wide and shallow attacks such as horizontal portscan if the system is completely distributed. Therefore, we need to watch for the whole network in order to detect such attacks. Here, it is proposed to combine the system with OpenFlow which is suitable for having an overall network view. In general, however, OpenFlow has a central control system which is not scalable. Thus, we also propose to use several OpenFlow controllers and share information among them. By sharing information, we show that it is possible to detect a horizontal portscan.
AB - Recently, there are many types of cyber attacks and we should detect as many types as possible. In order to detect a wide variety of attacks, a complete distributed multi-Agent system is proposed. However, it requires the software installation in all hosts. The lack of resources also makes it hard to introduce the system to the devices. In this paper, we design a distributed defense algorithm employing a multi-Agent system. However, it is hard to detect the wide and shallow attacks such as horizontal portscan if the system is completely distributed. Therefore, we need to watch for the whole network in order to detect such attacks. Here, it is proposed to combine the system with OpenFlow which is suitable for having an overall network view. In general, however, OpenFlow has a central control system which is not scalable. Thus, we also propose to use several OpenFlow controllers and share information among them. By sharing information, we show that it is possible to detect a horizontal portscan.
UR - http://www.scopus.com/inward/record.url?scp=85018301683&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85018301683&partnerID=8YFLogxK
U2 - 10.1109/ICOIN.2017.7899511
DO - 10.1109/ICOIN.2017.7899511
M3 - Conference contribution
AN - SCOPUS:85018301683
T3 - International Conference on Information Networking
SP - 236
EP - 241
BT - 31st International Conference on Information Networking, ICOIN 2017
PB - IEEE Computer Society
T2 - 31st International Conference on Information Networking, ICOIN 2017
Y2 - 11 January 2017 through 13 January 2017
ER -