The APT detection method in SDN
Title | The APT detection method in SDN |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Shan-Shan, J., Ya-Bin, X. |
Conference Name | 2017 3rd IEEE International Conference on Computer and Communications (ICCC) |
Keywords | APT, APT detection method, communication protocol, Computer crime, computer network security, data plane, Discrete Fourier transforms, Hidden Markov models, HMM, network framework, OpenFlow, process control, pubcrawl, Resiliency, Scalability, SDN, SDN controller plane, SDN security, software defined networking, software programming, Switches |
Abstract | SDN is a new network framework which can be controlled and defined by software programming, and OpenFlow is the communication protocol between the SDN controller plane and data plane. With the centralized control of SDN, the network is more vulnerable to APT than a traditional network. After deeply analyzing the process of APT at each stage in SDN, this paper proposes an APT detection method based on HMM, which can fully reflect the relationship between attack behavior and APT stage. The experiment shows that the method is more accurate at detecting APT in SDN, with less overhead. |
URL | https://ieeexplore.ieee.org/document/8322741 |
DOI | 10.1109/CompComm.2017.8322741 |
Citation Key | shan-shan_apt_2017 |