A security-constrained reinforcement learning framework for software defined networks

Mostra el registre complet Registre parcial de l'ítem

• dc.contributor.author Mudgerikar, Anand
• dc.contributor.author Bertino, Elisa
• dc.contributor.author Lobo, Jorge
• dc.contributor.author Verma, Dinesh
• dc.date.accessioned 2023-04-05T06:22:32Z
• dc.date.available 2023-04-05T06:22:32Z
• dc.date.issued 2021
• dc.description Comunicació presentada a IEEE International Conference on Communications (ICC 2021), celebrat del 14 al 23 de juny de 2021 de manera virtual.
• dc.description.abstract Reinforcement Learning (RL) is an effective technique for building ‘smart’ SDN controllers because of its model-free nature and ability to learn policies online without requiring extensive training data. However, as RL agents are geared to maximize functionality and explore the environment without constraints, security can be breached. In this paper, we propose Jarvis-SDN, a RL framework that constrains explorations by taking security into account. In Jarvis-SDN, the RL agent learns ‘intelligent policies’ which maximize functionality but not at the cost of security. Standard network flow based attack signatures obtained from intrusion detection system (IDS) datasets cannot be used as policies because they do not conform to the state model of the RL framework and thus have poor accuracy and high false positives. To address such issue, the security policies for constraining explorations in Jarvis-SDN are learnt in a semi-supervised manner in the form of ‘partial attack signatures’ from packet captures of IDS datasets that are then encoded in the objective function of the RL based optimization framework. These signatures are learnt using Deep Q-Networks (DQN). Our analysis shows that DQN based attack signatures perform better than classical machine learning techniques, like decision trees, random forests and deep neural networks (DNN), for common network attacks. We instantiate our framework for a SDN controller with the goal of intelligent rate control to further analyze the effectiveness of the attack signatures.
• dc.format.mimetype application/pdf
• dc.identifier.citation Mudgerikar A, Bertino E, Lobo J, Verma D. A security-constrained reinforcement learning framework for software defined networks. In: IEEE International Conference on Communications (ICC 2021): proceedings; 2021 Jun 14-23; Montreal, Canada. [Piscataway]: IEEE; 2021. [7 p.]. DOI: 10.1109/ICC42927.2021.9500763
• dc.identifier.doi http://dx.doi.org/10.1109/ICC42927.2021.9500763
• dc.identifier.isbn 978-1-7281-7122-7
• dc.identifier.issn 1550-3607
• dc.identifier.uri http://hdl.handle.net/10230/56419
• dc.language.iso eng
• dc.publisher Institute of Electrical and Electronics Engineers (IEEE)
• dc.relation.ispartof IEEE International Conference on Communications (ICC 2021): proceedings; 2021 Jun 14-23; Montreal, Canada. [Piscataway]: IEEE; 2021. [7 p.].
• dc.rights © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. http://dx.doi.org/10.1109/ICC42927.2021.9500763
• dc.rights.accessRights info:eu-repo/semantics/openAccess
• dc.subject.keyword Security and Safety
• dc.subject.keyword Deep Reinforcement Learning
• dc.subject.keyword Software Defined Networks
• dc.title A security-constrained reinforcement learning framework for software defined networks
• dc.type info:eu-repo/semantics/conferenceObject
• dc.type.version info:eu-repo/semantics/acceptedVersion