Zero-Day Attack Detection and Prevention in Software-Defined Networks
| Title | Zero-Day Attack Detection and Prevention in Software-Defined Networks |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Al-Rushdan, Huthifh, Shurman, Mohammad, Alnabelsi, Sharhabeel H., Althebyan, Qutaibah |
| Conference Name | 2019 International Arab Conference on Information Technology (ACIT) |
| Keywords | Collaboration, composability, controller, defense, Intrusion Detection System (IDS), Mininet, policy-based governance, pubcrawl, sandbox, Sandboxing, SDN, Switch, Zero day attacks, zero-day attack |
| Abstract | The zero-day attack in networks exploits an undiscovered vulnerability, in order to affect/damage networks or programs. The term "zero-day" refers to the number of days available to the software or the hardware vendor to issue a patch for this new vulnerability. Currently, the best-known defense mechanism against the zero-day attacks focuses on detection and response, as a prevention effort, which typically fails against unknown or new vulnerabilities. To the best of our knowledge, this attack has not been widely investigated for Software-Defined Networks (SDNs). Therefore, in this work we are motivated to develop anew zero-day attack detection and prevention mechanism, which is designed and implemented for SDN using a modified sandbox tool, named Cuckoo. Our experiments results, under UNIX system, show that our proposed design successfully stops zero-day malwares by isolating the infected client, and thus, prevents these malwares from infesting other clients. |
| DOI | 10.1109/ACIT47987.2019.8991124 |
| Citation Key | al-rushdan_zero-day_2019 |