
Anomaly Detection in Software Defined IP Networks

Mohammad Rashidi, Majid | 2016

  1. Type of Document: M.Sc. Thesis
  2. Language: English
  3. Document No: 49118 (52)
  4. University: Sharif University of Technology, International Campus, Kish Island
  5. Department: Science and Engineering
  6. Advisor(s): Akbari, Behzad
  7. Abstract: With the growth of Internet use and the arrival of online stores and Internet banking in people's daily lives, security has become a vital part of this new world. As a result, industrial companies started to produce security devices such as firewalls for protecting networks from outside attackers and Intrusion Detection/Prevention Systems (IPS/IDS) for detecting attacks inside the network. IPS/IDS cause network overload because they require a copy of packet or flow information. With the introduction of the Software Defined Networking (SDN) architecture, there is hope of solving this issue by combining IPS/IDS and SDN features. Therefore, we propose two novel approaches for fast network scanning and SYN flood attack detection using the SDN architecture. We called this architecture “SYN Watch”. “SYN Watch” uses three main components to gather the needed information and perform detection, and it is implemented in the control plane of the SDN architecture. Our approaches add only a little overhead to the network in comparison with previous works. They also require few resources for detecting network scanning and floods. We implemented “SYN Watch” in the Mininet emulator with Floodlight controllers as the OpenFlow controller. We evaluate the accuracy and precision of our detection applications. The results show that our algorithm can detect anomalies with accuracy and precision of more than 90 percent.
  8. Keywords: IP Networks ; Anomaly Detection ; Software Defined Networks (SDN) ; Intrusion Detection and Prevention
