2017-11-11
AUTHORSEmilia Tantar , Alexandru-Adrian Tantar , Miroslaw Kantor , Thomas Engel
ABSTRACTThrough this position paper we aim at providing a prototype cognitive security service for anomaly detection in Software Defined Networks (SDNs). We equally look at strengthening attack detection capabilities in SDNs, through the addition of predictive analytics capabilities. For this purpose, we build a learning-based anomaly detection service called Learn2Defend, based on functionalities provided by Opendaylight. A potential path to cognition is detailed, by means of a Gaussian Processes driven engine that makes use of traffic characteristics/behavior profiles e.g. smoothness of the frequency of flows traversing a given node. Learn2Defend follows a two-fold approach, with unsupervised learning and prediction mechanisms, all in an on-line dynamic SDN context. The prototype does not target to provide an universally valid predictive analytics framework for security, but rather to offer a tool that supports the integration of cognitive techniques in the SDN security services. More... »
PAGES67-81
EVOLVE - A Bridge between Probability, Set Oriented Numerics, and Evolutionary Computation VI
ISBN
978-3-319-69708-6
978-3-319-69710-9
http://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5
DOIhttp://dx.doi.org/10.1007/978-3-319-69710-9_5
DIMENSIONShttps://app.dimensions.ai/details/publication/pub.1092634258
JSON-LD is the canonical representation for SciGraph data.
TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT
[
{
"@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json",
"about": [
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information and Computing Sciences",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Artificial Intelligence and Image Processing",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0806",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information Systems",
"type": "DefinedTerm"
}
],
"author": [
{
"affiliation": {
"alternateName": "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg",
"id": "http://www.grid.ac/institutes/grid.16008.3f",
"name": [
"Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg"
],
"type": "Organization"
},
"familyName": "Tantar",
"givenName": "Emilia",
"id": "sg:person.014120034333.51",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014120034333.51"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg",
"id": "http://www.grid.ac/institutes/grid.16008.3f",
"name": [
"Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg"
],
"type": "Organization"
},
"familyName": "Tantar",
"givenName": "Alexandru-Adrian",
"id": "sg:person.012203126757.71",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012203126757.71"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg",
"id": "http://www.grid.ac/institutes/grid.16008.3f",
"name": [
"Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg"
],
"type": "Organization"
},
"familyName": "Kantor",
"givenName": "Miroslaw",
"id": "sg:person.010477475103.76",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010477475103.76"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg",
"id": "http://www.grid.ac/institutes/grid.16008.3f",
"name": [
"Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg"
],
"type": "Organization"
},
"familyName": "Engel",
"givenName": "Thomas",
"id": "sg:person.014715437773.25",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014715437773.25"
],
"type": "Person"
}
],
"datePublished": "2017-11-11",
"datePublishedReg": "2017-11-11",
"description": "Through this position paper we aim at providing a prototype cognitive security service for anomaly detection in Software Defined Networks (SDNs). We equally look at strengthening attack detection capabilities in SDNs, through the addition of predictive analytics capabilities. For this purpose, we build a learning-based anomaly detection service called Learn2Defend, based on functionalities provided by Opendaylight. A potential path to cognition is detailed, by means of a Gaussian Processes driven engine that makes use of traffic characteristics/behavior profiles e.g. smoothness of the frequency of flows traversing a given node. Learn2Defend follows a two-fold approach, with unsupervised learning and prediction mechanisms, all in an on-line dynamic SDN context. The prototype does not target to provide an universally valid predictive analytics framework for security, but rather to offer a tool that supports the integration of cognitive techniques in the SDN security services.",
"editor": [
{
"familyName": "Tantar",
"givenName": "Alexandru-Adrian",
"type": "Person"
},
{
"familyName": "Tantar",
"givenName": "Emilia",
"type": "Person"
},
{
"familyName": "Emmerich",
"givenName": "Michael",
"type": "Person"
},
{
"familyName": "Legrand",
"givenName": "Pierrick",
"type": "Person"
},
{
"familyName": "Alboaie",
"givenName": "Lenuta",
"type": "Person"
},
{
"familyName": "Luchian",
"givenName": "Henri",
"type": "Person"
}
],
"genre": "chapter",
"id": "sg:pub.10.1007/978-3-319-69710-9_5",
"inLanguage": "en",
"isAccessibleForFree": false,
"isPartOf": {
"isbn": [
"978-3-319-69708-6",
"978-3-319-69710-9"
],
"name": "EVOLVE - A Bridge between Probability, Set Oriented Numerics, and Evolutionary Computation VI",
"type": "Book"
},
"keywords": [
"security services",
"anomaly detection",
"anomaly detection service",
"attack detection capability",
"predictive analytics capabilities",
"predictive analytics framework",
"SDN context",
"unsupervised learning",
"prediction mechanism",
"analytics capabilities",
"detection service",
"two-fold approach",
"SDN",
"position paper",
"detection capability",
"Gaussian process",
"analytic framework",
"services",
"OpenDaylight",
"capability",
"cognitive techniques",
"potential paths",
"software",
"security",
"network",
"nodes",
"engine",
"prototype",
"detection",
"functionality",
"learning",
"framework",
"integration",
"tool",
"path",
"smoothness",
"technique",
"context",
"e.",
"process",
"use",
"means",
"purpose",
"cognition",
"addition",
"flow",
"mechanism",
"frequency of flows",
"frequency",
"paper",
"approach",
"prototype cognitive security service",
"cognitive security service",
"learning-based anomaly detection service",
"Learn2Defend",
"traffic characteristics/behavior profiles e.",
"characteristics/behavior profiles e.",
"behavior profiles e.",
"profiles e.",
"line dynamic SDN context",
"dynamic SDN context",
"valid predictive analytics framework",
"SDN security services"
],
"name": "On Using Cognition for Anomaly Detection in SDN",
"pagination": "67-81",
"productId": [
{
"name": "dimensions_id",
"type": "PropertyValue",
"value": [
"pub.1092634258"
]
},
{
"name": "doi",
"type": "PropertyValue",
"value": [
"10.1007/978-3-319-69710-9_5"
]
}
],
"publisher": {
"name": "Springer Nature",
"type": "Organisation"
},
"sameAs": [
"https://doi.org/10.1007/978-3-319-69710-9_5",
"https://app.dimensions.ai/details/publication/pub.1092634258"
],
"sdDataset": "chapters",
"sdDatePublished": "2022-01-01T19:07",
"sdLicense": "https://scigraph.springernature.com/explorer/license/",
"sdPublisher": {
"name": "Springer Nature - SN SciGraph project",
"type": "Organization"
},
"sdSource": "s3://com-springernature-scigraph/baseset/20220101/entities/gbq_results/chapter/chapter_12.jsonl",
"type": "Chapter",
"url": "https://doi.org/10.1007/978-3-319-69710-9_5"
}
]Download the RDF metadata as: json-ld nt turtle xml License info
JSON-LD is a popular format for linked data which is fully compatible with JSON.
curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5'
N-Triples is a line-based linked data format ideal for batch operations.
curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5'
Turtle is a human-readable linked data format.
curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5'
RDF/XML is a standard XML format for linked data.
curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5'
This table displays all metadata directly associated to this object as RDF triples.
173 TRIPLES
23 PREDICATES
89 URIs
81 LITERALS
7 BLANK NODES
| Subject | Predicate | Object | |
|---|---|---|---|
| 1 | sg:pub.10.1007/978-3-319-69710-9_5 | schema:about | anzsrc-for:08 |
| 2 | ″ | ″ | anzsrc-for:0801 |
| 3 | ″ | ″ | anzsrc-for:0806 |
| 4 | ″ | schema:author | N683070e40445450e9b0b85aaff361624 |
| 5 | ″ | schema:datePublished | 2017-11-11 |
| 6 | ″ | schema:datePublishedReg | 2017-11-11 |
| 7 | ″ | schema:description | Through this position paper we aim at providing a prototype cognitive security service for anomaly detection in Software Defined Networks (SDNs). We equally look at strengthening attack detection capabilities in SDNs, through the addition of predictive analytics capabilities. For this purpose, we build a learning-based anomaly detection service called Learn2Defend, based on functionalities provided by Opendaylight. A potential path to cognition is detailed, by means of a Gaussian Processes driven engine that makes use of traffic characteristics/behavior profiles e.g. smoothness of the frequency of flows traversing a given node. Learn2Defend follows a two-fold approach, with unsupervised learning and prediction mechanisms, all in an on-line dynamic SDN context. The prototype does not target to provide an universally valid predictive analytics framework for security, but rather to offer a tool that supports the integration of cognitive techniques in the SDN security services. |
| 8 | ″ | schema:editor | N29a6c3901e2a439fbc89b68fce661c34 |
| 9 | ″ | schema:genre | chapter |
| 10 | ″ | schema:inLanguage | en |
| 11 | ″ | schema:isAccessibleForFree | false |
| 12 | ″ | schema:isPartOf | Nc6eaeb4adbe44f0f9080581ee9bf82c5 |
| 13 | ″ | schema:keywords | Gaussian process |
| 14 | ″ | ″ | Learn2Defend |
| 15 | ″ | ″ | OpenDaylight |
| 16 | ″ | ″ | SDN |
| 17 | ″ | ″ | SDN context |
| 18 | ″ | ″ | SDN security services |
| 19 | ″ | ″ | addition |
| 20 | ″ | ″ | analytic framework |
| 21 | ″ | ″ | analytics capabilities |
| 22 | ″ | ″ | anomaly detection |
| 23 | ″ | ″ | anomaly detection service |
| 24 | ″ | ″ | approach |
| 25 | ″ | ″ | attack detection capability |
| 26 | ″ | ″ | behavior profiles e. |
| 27 | ″ | ″ | capability |
| 28 | ″ | ″ | characteristics/behavior profiles e. |
| 29 | ″ | ″ | cognition |
| 30 | ″ | ″ | cognitive security service |
| 31 | ″ | ″ | cognitive techniques |
| 32 | ″ | ″ | context |
| 33 | ″ | ″ | detection |
| 34 | ″ | ″ | detection capability |
| 35 | ″ | ″ | detection service |
| 36 | ″ | ″ | dynamic SDN context |
| 37 | ″ | ″ | e. |
| 38 | ″ | ″ | engine |
| 39 | ″ | ″ | flow |
| 40 | ″ | ″ | framework |
| 41 | ″ | ″ | frequency |
| 42 | ″ | ″ | frequency of flows |
| 43 | ″ | ″ | functionality |
| 44 | ″ | ″ | integration |
| 45 | ″ | ″ | learning |
| 46 | ″ | ″ | learning-based anomaly detection service |
| 47 | ″ | ″ | line dynamic SDN context |
| 48 | ″ | ″ | means |
| 49 | ″ | ″ | mechanism |
| 50 | ″ | ″ | network |
| 51 | ″ | ″ | nodes |
| 52 | ″ | ″ | paper |
| 53 | ″ | ″ | path |
| 54 | ″ | ″ | position paper |
| 55 | ″ | ″ | potential paths |
| 56 | ″ | ″ | prediction mechanism |
| 57 | ″ | ″ | predictive analytics capabilities |
| 58 | ″ | ″ | predictive analytics framework |
| 59 | ″ | ″ | process |
| 60 | ″ | ″ | profiles e. |
| 61 | ″ | ″ | prototype |
| 62 | ″ | ″ | prototype cognitive security service |
| 63 | ″ | ″ | purpose |
| 64 | ″ | ″ | security |
| 65 | ″ | ″ | security services |
| 66 | ″ | ″ | services |
| 67 | ″ | ″ | smoothness |
| 68 | ″ | ″ | software |
| 69 | ″ | ″ | technique |
| 70 | ″ | ″ | tool |
| 71 | ″ | ″ | traffic characteristics/behavior profiles e. |
| 72 | ″ | ″ | two-fold approach |
| 73 | ″ | ″ | unsupervised learning |
| 74 | ″ | ″ | use |
| 75 | ″ | ″ | valid predictive analytics framework |
| 76 | ″ | schema:name | On Using Cognition for Anomaly Detection in SDN |
| 77 | ″ | schema:pagination | 67-81 |
| 78 | ″ | schema:productId | Nbdc8b24160ab4522a14dfe9180989155 |
| 79 | ″ | ″ | Ne202e29b2412425b8808c351d19e9971 |
| 80 | ″ | schema:publisher | N66d19cc8cb8f40baa191a6a1979442dc |
| 81 | ″ | schema:sameAs | https://app.dimensions.ai/details/publication/pub.1092634258 |
| 82 | ″ | ″ | https://doi.org/10.1007/978-3-319-69710-9_5 |
| 83 | ″ | schema:sdDatePublished | 2022-01-01T19:07 |
| 84 | ″ | schema:sdLicense | https://scigraph.springernature.com/explorer/license/ |
| 85 | ″ | schema:sdPublisher | N4c6b4f435d4640bcb07845ab4f1fed55 |
| 86 | ″ | schema:url | https://doi.org/10.1007/978-3-319-69710-9_5 |
| 87 | ″ | sgo:license | sg:explorer/license/ |
| 88 | ″ | sgo:sdDataset | chapters |
| 89 | ″ | rdf:type | schema:Chapter |
| 90 | N0d1e4f249ecd4fe6820fd9c81d9cd412 | rdf:first | sg:person.012203126757.71 |
| 91 | ″ | rdf:rest | Nfb5bf472769b4daf941633d8d5034d26 |
| 92 | N27aacfa573e946139cf11b53370afea4 | rdf:first | N972fa8a6714a4fc49c78093df57da840 |
| 93 | ″ | rdf:rest | N6ed332a3246f4e11880ffb3ecf1fe7fb |
| 94 | N29a6c3901e2a439fbc89b68fce661c34 | rdf:first | Na1c09e24d0c84309983a3c7796740324 |
| 95 | ″ | rdf:rest | N55c1b41cd5fa4929a43e449a401e0897 |
| 96 | N425dc92561c2408a9cf546801d5dd44f | schema:familyName | Legrand |
| 97 | ″ | schema:givenName | Pierrick |
| 98 | ″ | rdf:type | schema:Person |
| 99 | N479abefbef514e83a6d55acc2886061c | schema:familyName | Luchian |
| 100 | ″ | schema:givenName | Henri |
| 101 | ″ | rdf:type | schema:Person |
| 102 | N4c6b4f435d4640bcb07845ab4f1fed55 | schema:name | Springer Nature - SN SciGraph project |
| 103 | ″ | rdf:type | schema:Organization |
| 104 | N55c1b41cd5fa4929a43e449a401e0897 | rdf:first | Nf2b56a50b0af4800a29cba097009db45 |
| 105 | ″ | rdf:rest | Nfd9107fc1e8a43eca228cf7c93486b88 |
| 106 | N66d19cc8cb8f40baa191a6a1979442dc | schema:name | Springer Nature |
| 107 | ″ | rdf:type | schema:Organisation |
| 108 | N683070e40445450e9b0b85aaff361624 | rdf:first | sg:person.014120034333.51 |
| 109 | ″ | rdf:rest | N0d1e4f249ecd4fe6820fd9c81d9cd412 |
| 110 | N6ed332a3246f4e11880ffb3ecf1fe7fb | rdf:first | N479abefbef514e83a6d55acc2886061c |
| 111 | ″ | rdf:rest | rdf:nil |
| 112 | N767113130d5642b393dd8ae2534c16c7 | schema:familyName | Emmerich |
| 113 | ″ | schema:givenName | Michael |
| 114 | ″ | rdf:type | schema:Person |
| 115 | N9608b40e12a64fff9eee2aaed0354691 | rdf:first | N425dc92561c2408a9cf546801d5dd44f |
| 116 | ″ | rdf:rest | N27aacfa573e946139cf11b53370afea4 |
| 117 | N972fa8a6714a4fc49c78093df57da840 | schema:familyName | Alboaie |
| 118 | ″ | schema:givenName | Lenuta |
| 119 | ″ | rdf:type | schema:Person |
| 120 | Na1c09e24d0c84309983a3c7796740324 | schema:familyName | Tantar |
| 121 | ″ | schema:givenName | Alexandru-Adrian |
| 122 | ″ | rdf:type | schema:Person |
| 123 | Nbdc8b24160ab4522a14dfe9180989155 | schema:name | doi |
| 124 | ″ | schema:value | 10.1007/978-3-319-69710-9_5 |
| 125 | ″ | rdf:type | schema:PropertyValue |
| 126 | Nc6eaeb4adbe44f0f9080581ee9bf82c5 | schema:isbn | 978-3-319-69708-6 |
| 127 | ″ | ″ | 978-3-319-69710-9 |
| 128 | ″ | schema:name | EVOLVE - A Bridge between Probability, Set Oriented Numerics, and Evolutionary Computation VI |
| 129 | ″ | rdf:type | schema:Book |
| 130 | Nd169df2b4d46441f9fc806bbc03bc282 | rdf:first | sg:person.014715437773.25 |
| 131 | ″ | rdf:rest | rdf:nil |
| 132 | Ne202e29b2412425b8808c351d19e9971 | schema:name | dimensions_id |
| 133 | ″ | schema:value | pub.1092634258 |
| 134 | ″ | rdf:type | schema:PropertyValue |
| 135 | Nf2b56a50b0af4800a29cba097009db45 | schema:familyName | Tantar |
| 136 | ″ | schema:givenName | Emilia |
| 137 | ″ | rdf:type | schema:Person |
| 138 | Nfb5bf472769b4daf941633d8d5034d26 | rdf:first | sg:person.010477475103.76 |
| 139 | ″ | rdf:rest | Nd169df2b4d46441f9fc806bbc03bc282 |
| 140 | Nfd9107fc1e8a43eca228cf7c93486b88 | rdf:first | N767113130d5642b393dd8ae2534c16c7 |
| 141 | ″ | rdf:rest | N9608b40e12a64fff9eee2aaed0354691 |
| 142 | anzsrc-for:08 | schema:inDefinedTermSet | anzsrc-for: |
| 143 | ″ | schema:name | Information and Computing Sciences |
| 144 | ″ | rdf:type | schema:DefinedTerm |
| 145 | anzsrc-for:0801 | schema:inDefinedTermSet | anzsrc-for: |
| 146 | ″ | schema:name | Artificial Intelligence and Image Processing |
| 147 | ″ | rdf:type | schema:DefinedTerm |
| 148 | anzsrc-for:0806 | schema:inDefinedTermSet | anzsrc-for: |
| 149 | ″ | schema:name | Information Systems |
| 150 | ″ | rdf:type | schema:DefinedTerm |
| 151 | sg:person.010477475103.76 | schema:affiliation | grid-institutes:grid.16008.3f |
| 152 | ″ | schema:familyName | Kantor |
| 153 | ″ | schema:givenName | Miroslaw |
| 154 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010477475103.76 |
| 155 | ″ | rdf:type | schema:Person |
| 156 | sg:person.012203126757.71 | schema:affiliation | grid-institutes:grid.16008.3f |
| 157 | ″ | schema:familyName | Tantar |
| 158 | ″ | schema:givenName | Alexandru-Adrian |
| 159 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012203126757.71 |
| 160 | ″ | rdf:type | schema:Person |
| 161 | sg:person.014120034333.51 | schema:affiliation | grid-institutes:grid.16008.3f |
| 162 | ″ | schema:familyName | Tantar |
| 163 | ″ | schema:givenName | Emilia |
| 164 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014120034333.51 |
| 165 | ″ | rdf:type | schema:Person |
| 166 | sg:person.014715437773.25 | schema:affiliation | grid-institutes:grid.16008.3f |
| 167 | ″ | schema:familyName | Engel |
| 168 | ″ | schema:givenName | Thomas |
| 169 | ″ | schema:sameAs | https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014715437773.25 |
| 170 | ″ | rdf:type | schema:Person |
| 171 | grid-institutes:grid.16008.3f | schema:alternateName | Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg |
| 172 | ″ | schema:name | Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg |
| 173 | ″ | rdf:type | schema:Organization |