A4 Article in conference proceedings
Reinforcement Learning for Attack Mitigation in SDN-enabled Networks (2020)

Zolotukhin, M., Kumar, S., & Hämäläinen, T. (2020). Reinforcement Learning for Attack Mitigation in SDN-enabled Networks. In F. De Turck, P. Chemouil, T. Wauters, M. Faten Zhani, W. Cerroni, R. Pasquini, & Z. Zhu (Eds.), NetSoft 2020 : Proceedings of the 2020 IEEE Conference on Network Softwarization. Bridging the Gap Between
AI and Network Softwarization (pp. 282-286). IEEE. https://doi.org/10.1109/NetSoft48620.2020.9165383

JYU authors or editors

Publication details

All authors or editors: Zolotukhin, Mikhail; Kumar, Sanjay; Hämäläinen, Timo

Parent publication: NetSoft 2020 : Proceedings of the 2020 IEEE Conference on Network Softwarization. Bridging the Gap Between
AI and Network Softwarization

Parent publication editors: De Turck, Filip; Chemouil, Prosper; Wauters, Tim; Faten Zhani, Mohamed; Cerroni, Walter; Pasquini, Rafael; Zhu, Zuqing

Conference:

Place and date of conference: Virtual conference (Ghent, Belgium), 29.6.-3.7.2020

eISBN: 978-1-7281-5684-2

Publication year: 2020

Pages range: 282-286

Publisher: IEEE

Publication country: United States

Publication language: English

DOI: https://doi.org/10.1109/NetSoft48620.2020.9165383

Publication open access: Not open

Publication channel open access: 

Publication is parallel published (JYX): https://jyx.jyu.fi/handle/123456789/93737

Abstract

With the recent progress in the development of low-budget sensors and machine-to-machine communication, the Internet-of-Things has attracted considerable attention. Unfortunately, many of today's smart devices are rushed to market with little consideration for basic security and privacy protection making them easy targets for various attacks. Unfortunately, organizations and network providers use mostly manual workflows to address malware-related incidents and therefore they are able to prevent neither attack damage nor potential attacks in the future. Thus, there is a need for a defense system that would not only detect an intrusion on time, but also would make the most optimal real-time crisis-action decision on how the network security policy should be modified in order to mitigate the threat. In this study, we are aiming to reach this goal relying on advanced technologies that have recently emerged in the area of cloud computing and network virtualization. We are proposing an intelligent defense system implemented as a reinforcement machine learning agent that processes current network state and takes a set of necessary actions in form of software-defined networking flows to redirect certain network traffic to virtual appliances. We also implement a proof-of-concept of the system and evaluate a couple of state-of-art reinforcement learning algorithms for mitigating three basic network attacks against a small realistic network environment.

Keywords: information networks; safety and security; data security; cyber attacks; anomalies; machine learning

Free keywords: network security; machine learning; reinforcement learning; software-defined networking; network function virtualization

Contributing organizations

Ministry reporting: Yes

Reporting Year: 2020

JUFO rating: 1