A design of port scan detection method based on the characteristics of packet-in messages in openflow networks

Daichi Ono; Satoru Izumi; Toru Abe; Takuo Suganuma

doi:10.23919/APNOMS50412.2020.9237012

A design of port scan detection method based on the characteristics of packet-in messages in openflow networks

Daichi Ono, Satoru Izumi, Toru Abe, Takuo Suganuma

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Due to the diversification of devices and the spread of the Internet, many people are handling information over the network and the threat of cyber-attacks by unauthorized access and malware is also considered as a problem, and countermeasures against these threats are an urgent issue. SDN and OpenFlow are useful for network cybersecurity countermeasures because they can collect traffic statistics from switches and can interrupt communication at the switch level. In this study, we focus on detecting a port scanning as a preparation stage for cyber-attacks. In this paper, we propose port scan detection method based on the characteristics of Packet-In messages in an OF network. Also, we show its effectiveness through the experiments.

Original language	English
Title of host publication	APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium
Subtitle of host publication	Towards Service and Networking Intelligence for Humanity
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	120-125
Number of pages	6
ISBN (Electronic)	9788995004388
DOIs	https://doi.org/10.23919/APNOMS50412.2020.9237012
Publication status	Published - 2020 Sep
Externally published	Yes
Event	21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020 - Daegu, Korea, Republic of Duration: 2020 Sep 22 → 2020 Sep 25

Publication series

Name	APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity

Conference

Conference	21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020
Country/Territory	Korea, Republic of
City	Daegu
Period	20/9/22 → 20/9/25

Keywords

OpenFlow
Packet-In message
Port scan detection
SDN

ASJC Scopus subject areas

Computer Networks and Communications
Hardware and Architecture
Information Systems and Management
Safety, Risk, Reliability and Quality

Access to Document

10.23919/APNOMS50412.2020.9237012

Cite this

Ono, D., Izumi, S., Abe, T., & Suganuma, T. (2020). A design of port scan detection method based on the characteristics of packet-in messages in openflow networks. In APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity (pp. 120-125). [9237012] (APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.23919/APNOMS50412.2020.9237012

A design of port scan detection method based on the characteristics of packet-in messages in openflow networks. / Ono, Daichi; Izumi, Satoru ; Abe, Toru ; Suganuma, Takuo.

APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity. Institute of Electrical and Electronics Engineers Inc., 2020. p. 120-125 9237012 (APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Ono, D, Izumi, S , Abe, T & Suganuma, T 2020, A design of port scan detection method based on the characteristics of packet-in messages in openflow networks. in APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity., 9237012, APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity, Institute of Electrical and Electronics Engineers Inc., pp. 120-125, 21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020, Daegu, Korea, Republic of, 20/9/22. https://doi.org/10.23919/APNOMS50412.2020.9237012

Ono D, Izumi S , Abe T , Suganuma T. A design of port scan detection method based on the characteristics of packet-in messages in openflow networks. In APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity. Institute of Electrical and Electronics Engineers Inc. 2020. p. 120-125. 9237012. (APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity). https://doi.org/10.23919/APNOMS50412.2020.9237012

Ono, Daichi ; Izumi, Satoru ; Abe, Toru ; Suganuma, Takuo. / A design of port scan detection method based on the characteristics of packet-in messages in openflow networks. APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity. Institute of Electrical and Electronics Engineers Inc., 2020. pp. 120-125 (APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity).

@inproceedings{1bc54c36171a441b8fee298c181cf9de,

title = "A design of port scan detection method based on the characteristics of packet-in messages in openflow networks",

abstract = "Due to the diversification of devices and the spread of the Internet, many people are handling information over the network and the threat of cyber-attacks by unauthorized access and malware is also considered as a problem, and countermeasures against these threats are an urgent issue. SDN and OpenFlow are useful for network cybersecurity countermeasures because they can collect traffic statistics from switches and can interrupt communication at the switch level. In this study, we focus on detecting a port scanning as a preparation stage for cyber-attacks. In this paper, we propose port scan detection method based on the characteristics of Packet-In messages in an OF network. Also, we show its effectiveness through the experiments.",

keywords = "OpenFlow, Packet-In message, Port scan detection, SDN",

author = "Daichi Ono and Satoru Izumi and Toru Abe and Takuo Suganuma",

note = "Publisher Copyright: {\textcopyright} 2020 KICS. Copyright: Copyright 2020 Elsevier B.V., All rights reserved.; 21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020 ; Conference date: 22-09-2020 Through 25-09-2020",

year = "2020",

month = sep,

doi = "10.23919/APNOMS50412.2020.9237012",

language = "English",

series = "APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "120--125",

booktitle = "APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium",

}

TY - GEN

T1 - A design of port scan detection method based on the characteristics of packet-in messages in openflow networks

AU - Ono, Daichi

AU - Izumi, Satoru

AU - Abe, Toru

AU - Suganuma, Takuo

PY - 2020/9

Y1 - 2020/9

N2 - Due to the diversification of devices and the spread of the Internet, many people are handling information over the network and the threat of cyber-attacks by unauthorized access and malware is also considered as a problem, and countermeasures against these threats are an urgent issue. SDN and OpenFlow are useful for network cybersecurity countermeasures because they can collect traffic statistics from switches and can interrupt communication at the switch level. In this study, we focus on detecting a port scanning as a preparation stage for cyber-attacks. In this paper, we propose port scan detection method based on the characteristics of Packet-In messages in an OF network. Also, we show its effectiveness through the experiments.

AB - Due to the diversification of devices and the spread of the Internet, many people are handling information over the network and the threat of cyber-attacks by unauthorized access and malware is also considered as a problem, and countermeasures against these threats are an urgent issue. SDN and OpenFlow are useful for network cybersecurity countermeasures because they can collect traffic statistics from switches and can interrupt communication at the switch level. In this study, we focus on detecting a port scanning as a preparation stage for cyber-attacks. In this paper, we propose port scan detection method based on the characteristics of Packet-In messages in an OF network. Also, we show its effectiveness through the experiments.

KW - OpenFlow

KW - Packet-In message

KW - Port scan detection

KW - SDN

UR - http://www.scopus.com/inward/record.url?scp=85096970556&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85096970556&partnerID=8YFLogxK

U2 - 10.23919/APNOMS50412.2020.9237012

DO - 10.23919/APNOMS50412.2020.9237012

M3 - Conference contribution

AN - SCOPUS:85096970556

T3 - APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity

SP - 120

EP - 125

BT - APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 21st Asia-Pacific Network Operations and Management Symposium, APNOMS 2020

Y2 - 22 September 2020 through 25 September 2020

ER -

A design of port scan detection method based on the characteristics of packet-in messages in openflow networks

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this