Accurate Anomaly Detection using Adaptive Monitoring and Fast Switching in SDN

Software defined networking (SDN) is rapidly evolving technology which provides a suitable environment for easily applying efficient monitoring policies on the networks. SDN provides a centralized control of the whole network from which monitoring of network traffic and resources can be done with ease. SDN promises to drastically simplify network monitoring and management and also enable rapid innovation of networks through network programmability. SDN architecture separates the control of the network from the forwarding devices. With the higher innovation provided by the SDN, security threats at open interfaces of SDN also increases significantly as an attacker can target the single centralized point i.e. controller, to attack the network. Hence, efficient adaptive monitoring and measurement is required to detect and prevent malicious activities inside the network. Various such techniques have already been proposed by many researchers. This paper describes a work of applying efficient adaptive monitoring on the network while maintaining the performance of the network considering monitoring overhead over the controller. This work represents effective bandwidth utilization for calculation of threshold range while applying anomaly detection rules for monitoring of the network. Accurate detection of anomalies is implemented and also allows valid users and applications to transfer the data without any restrictions inside the network which otherwise were considered as anomalies in previous technique due to fluctuation of data and narrow threshold window. The concept of fast switching also used to improve the processing speed and performance of the networks.