Network attack detection on SDN with programmable switches and Machine-learning

Simple item page
dc.audience.educationlevelOtros/Other
dc.contributor.advisorPérez Díaz, Jesús Arturo
dc.contributor.authorRamírez Martínez, Erick David
dc.contributor.committeememberRodríguez Hernández, Gerardo
dc.contributor.committeememberGutiérrez Betancur, Sergio Armando
dc.contributor.departmentSchool of Engineering and Sciences
dc.contributor.institutionCampus Monterrey
dc.contributor.mentorYungaicela Naula, Noé Marcelo
dc.date.accepted2024-10-31
dc.date.accessioned2024-12-04T23:30:20Z
dc.date.embargoenddate2026-07-31
dc.date.issued2024-12
dc.descriptionhttps://orcid.org/0000-0002-7678-5487
dc.description.abstractSoftware-defined networks provide alternatives for data management and security in enter prise environments with the help of an external controller and by separating the control planefrom the data plane. The versatility of SDN makes them suitable for the detection and mit igation of DDoS attacks. DDoS attacks are increasing in complexity and size. Several re ports state that DDoS are the second most prominent network attacks from 2022 to 2024 and are changing in behavior. New attackers are aiming at unprotected devices, such as IoT and healthcare networks, which pose a threat to human lives. DDoS also leverages new vulnerabil ities and behaviors, such as the more recent HTTP/2 attack, which shares several similarities with stealthy, Slow-rate attacks. State-of-the-art detection techniques for DDoS attacks in clude algorithms and machine learning implementations that classify data flows depending on individual features such as message length and packet frequency. However, these approaches may overload the network controller. This thesis proposes a framework that captures flow fea tures for ML detection within programmable switches, without relying on an SDN controller to increase the speed of network protection systems. This thesis presents a code written in P4 programming language for the use of BMv2 P4 programmable switches and a physical assessment using Tofino-based P4 programmable switches. Both implementations evaluate a protection framework against Slow-rate DDoS attacks using machine-learning models inside programmable switches. The results of this work showed an accuracy above 88%, ranging from 88.74% in the physical implementation to 98.28% in the simulated implementation. The results of this thesis achieved a steppingstone in DDoS attack detection as it is performed in real time at high speed due to the advantages of programmable switches. Moreover, the framework goes even further and implements a mitigation strategy that successfully blocks malicious IP addresses.
dc.description.degreeMaster of Science in Computer Science
dc.format.mediumTexto
dc.identifier.citationRamírez Martínez, E. D. (2004). Network attack detection on SDN with programmable switches and Machine-learning [Tesis maestría]. Instituto Tecnológico y de Estudios Superiores de Monterrey. Recuperado de: https://hdl.handlenet/11285/702871
dc.identifier.cvu1276356
dc.identifier.orcidhttps://orcid.org/0009-0003-2057-7595
dc.identifier.urihttps://hdl.handle.net/11285/702871
dc.language.isoeng
dc.publisherInstituto Tecnológico y de Estudios Superiores de Monterrey
dc.rightsopenAccess
dc.rights.embargoreasonLa tesis derivó a dos artículos científicos ya sometidos a revistas de alto impacto,
dc.rights.urihttp://creativecommons.org/licenses/by/4.0
dc.subject.classificationINGENIERÍA Y TECNOLOGÍA::CIENCIAS TECNOLÓGICAS::TECNOLOGÍA DE LOS ORDENADORES::DISPOSITIVOS DE CONTROL
dc.subject.keywordP4
dc.subject.keywordCiberseguridad
dc.subject.keywordInteligencia Artificial
dc.subject.keywordDDoS
dc.subject.keywordIoT
dc.subject.keywordSDN
dc.subject.keywordTofino
dc.subject.keywordSlow-rate
dc.subject.keywordDetección
dc.subject.keywordMitigación
dc.titleNetwork attack detection on SDN with programmable switches and Machine-learning
dc.typeTesis de maestría

Files

Original bundle

Now showing 1 - 3 of 3
Thumbnail Image
Name:
RamirezMartinez_TesisMaestriapdfa.pdf
Size:
6.85 MB
Format:
Adobe Portable Document Format
Description:
Tesis Maestría
Request a copy
Thumbnail Image
Name:
RamirezMartinez_ActaGradoDeclaracionAutoriapdfa.pdf
Size:
312.49 KB
Format:
Adobe Portable Document Format
Description:
Acta de Grado y Declaración de Autoría
Request a copy
Thumbnail Image
Name:
RamirezMartinez_CartaAutorizacionpdfa.pdf
Size:
66.67 KB
Format:
Adobe Portable Document Format
Description:
Carta Autorización
Request a copy

License bundle

Now showing 1 - 1 of 1
Thumbnail Image
Name:
license.txt
Size:
1.28 KB
Format:
Item-specific license agreed upon to submission
Description:
Download

Collections

Ciencias Exactas y Ciencias de la Salud
logo

El usuario tiene la obligación de utilizar los servicios y contenidos proporcionados por la Universidad, en particular, los impresos y recursos electrónicos, de conformidad con la legislación vigente y los principios de buena fe y en general usos aceptados, sin contravenir con su realización el orden público, especialmente, en el caso en que, para el adecuado desempeño de su actividad, necesita reproducir, distribuir, comunicar y/o poner a disposición, fragmentos de obras impresas o susceptibles de estar en formato analógico o digital, ya sea en soporte papel o electrónico. Ley 23/2006, de 7 de julio, por la que se modifica el texto revisado de la Ley de Propiedad Intelectual, aprobado

DSpace software copyright © 2002-2025

Licencia