机构地区:[1]Department of Computer Science,College of Computer and Information Sciences,Jouf University,Sakaka,Al Jouf,72341,Saudi Arabia [2]Department of Computer Sciences,Kinnaird College forWomen,Lahore,Punjab,54700,Pakistan [3]Department of Information Sciences,Division of Sciences and Technology,University of Education,Lahore,54770,Pakistan [4]Department of Computer Engineering and Networks,College of Computer and Information Sciences,Jouf University,Sakaka,72341,Saudi Arabia [5]Computer Science,Florida Polytechnic University,Lakeland,Florida,33805,USA [6]Delta3T,Lahore,Punjab,54700,Pakistan [7]Department of Basic Sciences,Common First Year,Jouf University,Sakaka,72341,Saudi Arabia
出 处:《Computer Systems Science & Engineering》2024年第2期363-394,共32页计算机系统科学与工程(英文)
基 金:This work was funded by the Deanship of Scientific Research at Jouf University under Grant Number(DSR2022-RG-0102).
摘 要:Software Defined Network(SDN)and Network Function Virtualization(NFV)technology promote several benefits to network operators,including reduced maintenance costs,increased network operational performance,simplified network lifecycle,and policies management.Network vulnerabilities try to modify services provided by Network Function Virtualization MANagement and Orchestration(NFV MANO),and malicious attacks in different scenarios disrupt the NFV Orchestrator(NFVO)and Virtualized Infrastructure Manager(VIM)lifecycle management related to network services or individual Virtualized Network Function(VNF).This paper proposes an anomaly detection mechanism that monitors threats in NFV MANO and manages promptly and adaptively to implement and handle security functions in order to enhance the quality of experience for end users.An anomaly detector investigates these identified risks and provides secure network services.It enables virtual network security functions and identifies anomalies in Kubernetes(a cloud-based platform).For training and testing purpose of the proposed approach,an intrusion-containing dataset is used that hold multiple malicious activities like a Smurf,Neptune,Teardrop,Pod,Land,IPsweep,etc.,categorized as Probing(Prob),Denial of Service(DoS),User to Root(U2R),and Remote to User(R2L)attacks.An anomaly detector is anticipated with the capabilities of a Machine Learning(ML)technique,making use of supervised learning techniques like Logistic Regression(LR),Support Vector Machine(SVM),Random Forest(RF),Naïve Bayes(NB),and Extreme Gradient Boosting(XGBoost).The proposed framework has been evaluated by deploying the identified ML algorithm on a Jupyter notebook in Kubeflow to simulate Kubernetes for validation purposes.RF classifier has shown better outcomes(99.90%accuracy)than other classifiers in detecting anomalies/intrusions in the containerized environment.
关 键 词:Software defined network network function virtualization network function virtualization management and orchestration virtual infrastructure manager virtual network function Kubernetes Kubectl artificial intelligence machine learning
分 类 号:TP181[自动化与计算机技术—控制理论与控制工程]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
