On Using Cognition for Anomaly Detection in SDN


Ontology type: schema:Chapter     


Chapter Info

DATE

2017-11-11

AUTHORS

Emilia Tantar , Alexandru-Adrian Tantar , Miroslaw Kantor , Thomas Engel

ABSTRACT

Through this position paper we aim at providing a prototype cognitive security service for anomaly detection in Software Defined Networks (SDNs). We equally look at strengthening attack detection capabilities in SDNs, through the addition of predictive analytics capabilities. For this purpose, we build a learning-based anomaly detection service called Learn2Defend, based on functionalities provided by Opendaylight. A potential path to cognition is detailed, by means of a Gaussian Processes driven engine that makes use of traffic characteristics/behavior profiles e.g. smoothness of the frequency of flows traversing a given node. Learn2Defend follows a two-fold approach, with unsupervised learning and prediction mechanisms, all in an on-line dynamic SDN context. The prototype does not target to provide an universally valid predictive analytics framework for security, but rather to offer a tool that supports the integration of cognitive techniques in the SDN security services.

PAGES

67-81

Book

TITLE

EVOLVE - A Bridge between Probability, Set Oriented Numerics, and Evolutionary Computation VI

ISBN

978-3-319-69708-6
978-3-319-69710-9

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5

DOI

http://dx.doi.org/10.1007/978-3-319-69710-9_5

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1092634258



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0801", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Artificial Intelligence and Image Processing", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0806", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information Systems", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg", 
          "id": "http://www.grid.ac/institutes/grid.16008.3f", 
          "name": [
            "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Tantar", 
        "givenName": "Emilia", 
        "id": "sg:person.014120034333.51", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014120034333.51"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg", 
          "id": "http://www.grid.ac/institutes/grid.16008.3f", 
          "name": [
            "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Tantar", 
        "givenName": "Alexandru-Adrian", 
        "id": "sg:person.012203126757.71", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012203126757.71"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg", 
          "id": "http://www.grid.ac/institutes/grid.16008.3f", 
          "name": [
            "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Kantor", 
        "givenName": "Miroslaw", 
        "id": "sg:person.010477475103.76", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010477475103.76"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg", 
          "id": "http://www.grid.ac/institutes/grid.16008.3f", 
          "name": [
            "Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4 Rue Alphonse Weicker, 2721, Luxembourg, Luxembourg"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Engel", 
        "givenName": "Thomas", 
        "id": "sg:person.014715437773.25", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014715437773.25"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2017-11-11", 
    "datePublishedReg": "2017-11-11", 
    "description": "Through this position paper we aim at providing a prototype cognitive security service for anomaly detection in Software Defined Networks (SDNs). We equally look at strengthening attack detection capabilities in SDNs, through the addition of predictive analytics capabilities. For this purpose, we build a learning-based anomaly detection service called Learn2Defend, based on functionalities provided by Opendaylight. A potential path to cognition is detailed, by means of a Gaussian Processes driven engine that makes use of traffic characteristics/behavior profiles e.g. smoothness of the frequency of flows traversing a given node. Learn2Defend follows a two-fold approach, with unsupervised learning and prediction mechanisms, all in an on-line dynamic SDN context. The prototype does not target to provide an universally valid predictive analytics framework for security, but rather to offer a tool that supports the integration of cognitive techniques in the SDN security services.", 
    "editor": [
      {
        "familyName": "Tantar", 
        "givenName": "Alexandru-Adrian", 
        "type": "Person"
      }, 
      {
        "familyName": "Tantar", 
        "givenName": "Emilia", 
        "type": "Person"
      }, 
      {
        "familyName": "Emmerich", 
        "givenName": "Michael", 
        "type": "Person"
      }, 
      {
        "familyName": "Legrand", 
        "givenName": "Pierrick", 
        "type": "Person"
      }, 
      {
        "familyName": "Alboaie", 
        "givenName": "Lenuta", 
        "type": "Person"
      }, 
      {
        "familyName": "Luchian", 
        "givenName": "Henri", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-319-69710-9_5", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-319-69708-6", 
        "978-3-319-69710-9"
      ], 
      "name": "EVOLVE - A Bridge between Probability, Set Oriented Numerics, and Evolutionary Computation VI", 
      "type": "Book"
    }, 
    "keywords": [
      "security services", 
      "anomaly detection", 
      "anomaly detection service", 
      "attack detection capability", 
      "predictive analytics capabilities", 
      "predictive analytics framework", 
      "SDN context", 
      "unsupervised learning", 
      "prediction mechanism", 
      "analytics capabilities", 
      "detection service", 
      "two-fold approach", 
      "SDN", 
      "position paper", 
      "detection capability", 
      "Gaussian process", 
      "analytic framework", 
      "services", 
      "OpenDaylight", 
      "capability", 
      "cognitive techniques", 
      "potential paths", 
      "software", 
      "security", 
      "network", 
      "nodes", 
      "engine", 
      "prototype", 
      "detection", 
      "functionality", 
      "learning", 
      "framework", 
      "integration", 
      "tool", 
      "path", 
      "smoothness", 
      "technique", 
      "context", 
      "e.", 
      "process", 
      "use", 
      "means", 
      "purpose", 
      "cognition", 
      "addition", 
      "flow", 
      "mechanism", 
      "frequency of flows", 
      "frequency", 
      "paper", 
      "approach", 
      "prototype cognitive security service", 
      "cognitive security service", 
      "learning-based anomaly detection service", 
      "Learn2Defend", 
      "traffic characteristics/behavior profiles e.", 
      "characteristics/behavior profiles e.", 
      "behavior profiles e.", 
      "profiles e.", 
      "line dynamic SDN context", 
      "dynamic SDN context", 
      "valid predictive analytics framework", 
      "SDN security services"
    ], 
    "name": "On Using Cognition for Anomaly Detection in SDN", 
    "pagination": "67-81", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1092634258"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-319-69710-9_5"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-319-69710-9_5", 
      "https://app.dimensions.ai/details/publication/pub.1092634258"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-01-01T19:07", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220101/entities/gbq_results/chapter/chapter_12.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-319-69710-9_5"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-69710-9_5'


 

This table displays all metadata directly associated to this object as RDF triples.

173 TRIPLES      23 PREDICATES      89 URIs      81 LITERALS      7 BLANK NODES

 



