Anomaly Detection in SDN’s Control Plane using Combining Entropy with SVM

Authors: Nay Min Htaik, Khaing Marlar Aung
Year of publication: 2020
Subject:
Source: 2020 17th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON).
DOI: 10.1109/ecti-con49241.2020.9158222
Description: In today's world, with the improvement of communication and information technology, security systems play a very important role. Many network administrators therefore widely use Software Defined Networking (SDN) rather than traditional networks for management and security. However, because the entropy-based detection method is less accurate, they struggle to protect their networks against anomaly attacks. This challenge can be addressed by combining entropy with the Support Vector Machine (SVM) method. In this paper, we propose an anomaly detection method that incorporates entropy with SVM. In the entropy calculation, the proposed system uses four fixed parameters: source IP, destination IP, source port and destination port. Moreover, there are three processes (feature classification, feature extraction and flow management) in the POX controller, which serves as the control plane of the SDN. For feature classification, the anomaly detection is evaluated with the ASNM-NPBO (Advanced Security Network Metrics and Non-Payload-Based Obfuscations) dataset, based on the various features of attack and normal packets. Finally, experimental results show that the proposed system is capable of detecting anomaly attacks with good overall accuracy and a low false alarm rate.
Database: OpenAIRE