An SDN controller-based framework for anomaly detection using a GAN ensemble algorithm

Of recent, a handful of machine learning techniques have been proposed to handle the task of intrusion detection with algorithms taking charge; these algorithms learn, from traffic flow examples, to distinguish between benign and anomalous network events. In this paper, we explore the use of a Generative Adversarial Network (GAN) ensemble to detect anomalies in a Software-Defined Networking (SDN) environment using the Global Environment for Network Innovations (GENI) testbed over geographically separated instances. A controllerbased framework is proposed, comprising several components across the detection chain. A bespoke dataset is generated, addressing three of the most popular contemporary network attacks and using an SDN perspective. Evaluation results show great potential for detecting a wide array of anomalies

Design and Implementation of Anomaly Detections for User Authentication Framework

Anomaly detection is quickly becoming a very significant tool for a variety of applications such as intrusion detection, fraud detection, fault detection, system health monitoring, and event detection in IoT devices. An application that lacks a strong implementation for anomaly detection is user trait modeling for user authentication purposes. User trait models expose up-to-date representation of the user so that changes in their interests, their learning progress or interactions with the system are noticed and interpreted. The reason behind the lack of adoption in user trait modeling arises from the need of a continuous flow of high-volume data, that is not available in most cases, to achieve high-accuracy detection. This research provides new insight into anomaly detection techniques through Big Data utilization. Three classification approaches are presented for anomaly detection techniques that are aligned with Big Data characteristics: volume, variety and velocity. The classification is supported by applications of machine learning techniques, such as K-means, Hidden Markov Model, Gaussian Distribution and Auto-encoder neural network, with an aim to recommend best techniques to model user behaviour in an adaptive environment. An ingenious implementation of machine learning techniques has been presented that automatically and accurately builds a unique pattern of the users’ behaviour. With Big Data characteristics, anomaly detection techniques have become more suitable tools for user trait modeling. A solution model is designed and implemented based on anomaly detection outcomes utilizing user traits for an existing user authentication framework. User traits will be modeled by creating a security user profile for each individual user. This profile is structured and developed to be a seed for a strong real-time user authentication method. The implementation comprises four main steps: prediction of rare user actions, filter security potential actions, build/update user profile, and generate a real-time (i.e., just in time) set of challenging questions. Real-world scenarios have been given showing the benefits of these challenging questions in building secure knowledge-based user authentication systems