چكيده به لاتين
Software Defined Networks (SDN) are one of the most modern efforts of researchers and engineers to improve network management by using virtualization control and transferring management from hardware to software. Although SDN has provided ground for new innovations as well as aggregation of services, the innovativeness unwittingly provides the context of infiltration and attack into the separated layers and Increase necessity of using attack detection and prevention methods.
Generally, the detection of attacks on the network is divided into two categories of misuse detection and anomaly detection, which first models abnormal behavior, and the latter models normal behavior. Until now, abnormalities have been identified using various techniques of computational intelligence such as Neural Networks, Fuzzy Systems, Evolutionary Computing, Swarm Intelligence, Soft Computing and Artificial Immune Systems. Among these, Artificial Immune Systems are the newest one. They simulate one or more of the features and functions of the human immune system for solving complex problems, especially in the security context. Danger Theory is one of the most widely used methods in these Artificial Immune Systems.
The proposed method in this thesis, detects anomalies in software defined networks based on Danger Theory and in addition to making improvements to existing algorithms, has achieved better results in detecting anomalies on dataset derived from simulation of a software defined network, so that, compared with methods similar in the field of Danger Theory, the accuracy and area under receiver operating characteristic (ROC) curve have increased by about 4%.
Definition of signals based on software defined netowrk characteristics, the use of inflammation signal along with other signals and optimization of algorithm parameters by Simulated Anealing method, including the innovations used in this research.
