SmartX Intelligent Sec: A Security Framework Based on Machine Learning and eBPF/XDP
- URL: http://arxiv.org/abs/2410.20244v1
- Date: Sat, 26 Oct 2024 18:17:10 GMT
- Title: SmartX Intelligent Sec: A Security Framework Based on Machine Learning and eBPF/XDP
- Authors: Talaya Farasat, JongWon Kim, Joachim Posegga
- Abstract summary: We propose SmartX Intelligent Sec, an innovative intelligent security framework.
SmartX Intelligent Sec leverages a combination of the lightweight extended Berkeley Packet Filter/eXpress Data Path (eBPF/XDP) for efficient network packet capturing and filtering malicious network traffic.
Our real-time prototype demonstrates that SmartX Intelligent Sec offers comprehensive automation features, enabling continuous network packet capturing, effective network threat detection, and efficient filtering of malicious network traffic.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Information and Communication Technologies (ICT) infrastructures are becoming increasingly complex day by day, facing numerous challenges to support the latest networking paradigms. Security is undeniably a critical component for the effective functioning of these advanced ICT infrastructures. By considering the current network security challenges, we propose SmartX Intelligent Sec, an innovative intelligent security framework. SmartX Intelligent Sec leverages a combination of the lightweight extended Berkeley Packet Filter/eXpress Data Path (eBPF/XDP) for efficient network packet capturing and filtering malicious network traffic, and a Bidirectional Long Short-Term Memory (BiLSTM) classifier for network threat detection. Our real-time prototype demonstrates that SmartX Intelligent Sec offers comprehensive automation features, enabling continuous network packet capturing, effective network threat detection, and efficient filtering of malicious network traffic. This framework ensures enhanced security and operational efficiency for modern ICT infrastructures.
Related papers
- Integrated LLM-Based Intrusion Detection with Secure Slicing xApp for Securing O-RAN-Enabled Wireless Network Deployments [2.943640991628177]
The Open Radio Access Network (O-RAN) architecture is reshaping telecommunications by promoting openness, flexibility, and intelligent closed-loop optimization.
This research explores using large language models (LLMs) to generate security recommendations based on the temporal traffic patterns of connected UEs.
arXiv Detail & Related papers (2025-04-01T01:45:07Z)
- Synergizing AI and Digital Twins for Next-Generation Network Optimization, Forecasting, and Security [4.6313441815490775]
Digital network twins (DNTs) are virtual representations of physical networks, designed to enable real-time monitoring, simulation, and optimization of network performance.
When integrated with machine learning (ML) techniques, DNTs emerge as powerful solutions for managing the complexities of network operations.
We highlight key technical challenges that need to be addressed, such as ensuring network reliability, achieving joint data-scenario forecasting, and maintaining security in high-risk environments.
arXiv Detail & Related papers (2025-03-08T18:30:54Z)
- UniNet: A Unified Multi-granular Traffic Modeling Framework for Network Security [4.206993135004622]
UniNet is a unified framework that introduces a novel multi-granular traffic representation (T-Matrix).
UniNet sets a new benchmark for modern network security.
arXiv Detail & Related papers (2025-03-06T07:39:37Z)
- PacketCLIP: Multi-Modal Embedding of Network Traffic and Language for Cybersecurity Reasoning [13.457018953474655]
PacketCLIP is a multi-modal framework combining packet data with natural language semantics.
It integrates semantic reasoning with efficient classification, enabling robust detection of anomalies in encrypted network flows.
It achieves a 95% mean AUC, outperforms baselines by 11.6%, and reduces model size by 92%.
arXiv Detail & Related papers (2025-03-05T18:58:58Z)
- Toward Mixture-of-Experts Enabled Trustworthy Semantic Communication for 6G Networks [82.3753728955968]
We introduce a novel Mixture-of-Experts (MoE)-based SemCom system.
This system comprises a gating network and multiple experts, each specializing in different security challenges.
The gating network adaptively selects suitable experts to counter heterogeneous attacks based on user-defined security requirements.
A case study in vehicular networks demonstrates the efficacy of the MoE-based SemCom system.
arXiv Detail & Related papers (2024-09-24T03:17:51Z)
- Security Implications and Mitigation Strategies in MPLS Networks [0.0]
Multiprotocol Label Switching (MPLS) is a technology that directs data from one network node to another based on short path labels rather than long network addresses.
This paper explores the security implications associated with networks, including risks such as label spoofing, traffic interception, and denial of service attacks.
arXiv Detail & Related papers (2024-09-04T09:21:47Z)
- Distributed Swarm Learning for Edge Internet of Things [28.125744688546842]
The rapid growth of the Internet of Things (IoT) has led to the widespread deployment of smart computation devices at wireless edge for machine learning tasks.
This article explores the risks of swarm security, non-constrained wireless communication and privacy issues.
It combines biological intelligence in a holistic manner to provide efficient solutions for large-scale IoT at the edge wireless networks.
arXiv Detail & Related papers (2024-03-29T14:05:40Z)
- Differentiated Security Architecture for Secure and Efficient Infotainment Data Communication in IoV Networks [55.340315838742015]
Negligence on the security of infotainment data communication in IoV networks can unintentionally open an easy access point for social engineering attacks.
In particular, we first classify data communication in the IoV network, examine the security focus of each data communication, and then develop a differentiated security architecture to provide security protection on a file-to-file basis.
arXiv Detail & Related papers (2024-03-29T12:01:31Z)
- SISSA: Real-time Monitoring of Hardware Functional Safety and Cybersecurity with In-vehicle SOME/IP Ethernet Traffic [49.549771439609046]
We propose SISSA, a SOME/IP communication traffic-based approach for modeling and analyzing in-vehicle functional safety and cyber security.
Specifically, SISSA models hardware failures with the Weibull distribution and addresses five potential attacks on SOME/IP communication.
Extensive experimental results show the effectiveness and efficiency of SISSA.
arXiv Detail & Related papers (2024-02-21T03:31:40Z)
- Digital Twin-Empowered Smart Attack Detection System for 6G Edge of Things Networks [2.3464026676834813]
We introduce a digital twin-empowered smart attack detection system for 6G EoT networks.
It monitors and simulates physical assets in real time, enhancing security.
Our system excels in proactive threat detection, ensuring 6G EoT network security.
arXiv Detail & Related papers (2023-10-05T14:06:04Z)
- Enhancing Network Resilience through Machine Learning-powered Graph Combinatorial Optimization: Applications in Cyber Defense and Information Diffusion [0.0]
This thesis focuses on developing effective approaches for enhancing network resilience.
Existing approaches for enhancing network resilience emphasize determining bottleneck nodes and edges in the network.
This thesis aims to design effective, efficient and scalable techniques for discovering bottleneck nodes and edges in the network.
arXiv Detail & Related papers (2023-09-22T01:48:28Z)
- XFedHunter: An Explainable Federated Learning Framework for Advanced Persistent Threat Detection in SDN [0.0]
This work proposes XFedHunter, an explainable federated learning framework for APT detection in Software-Defined Networking (SDN).
In XFedHunter, Graph Neural Network (GNN) and Deep Learning model are utilized to reveal the malicious events effectively.
The experimental results on NF-ToN-IoT and DARPA TCE3 datasets indicate that our framework can enhance the trust and accountability of ML-based systems.
arXiv Detail & Related papers (2023-09-15T15:44:09Z)
- Artificial Intelligence Empowered Multiple Access for Ultra Reliable and Low Latency THz Wireless Networks [76.89730672544216]
Terahertz (THz) wireless networks are expected to catalyze the beyond fifth generation (B5G) era.
To satisfy the ultra-reliability and low-latency demands of several B5G applications, novel mobility management approaches are required.
This article presents a holistic MAC layer approach that enables intelligent user association and resource allocation, as well as flexible and adaptive mobility management.
arXiv Detail & Related papers (2022-08-17T03:00:24Z)
- Symbolic Reinforcement Learning for Safe RAN Control [62.997667081978825]
We show a Symbolic Reinforcement Learning (SRL) architecture for safe control in Radio Access Network (RAN) applications.
In our tool, a user can select high-level safety specifications expressed in Linear Temporal Logic (LTL) to shield an RL agent running in a given cellular network.
We demonstrate the user interface (UI) helping the user set intent specifications to the architecture and inspect the difference in allowed and blocked actions.
arXiv Detail & Related papers (2021-03-11T10:56:49Z)
- Cognitive Radio Network Throughput Maximization with Deep Reinforcement Learning [58.44609538048923]
Radio Frequency powered Cognitive Radio Networks (RF-CRN) are likely to be the eyes and ears of upcoming modern networks such as Internet of Things (IoT).
To be considered autonomous, the RF-powered network entities need to make decisions locally to maximize the network throughput under the uncertainty of any network environment.
In this paper, deep reinforcement learning is proposed to overcome the shortcomings and allow a wireless gateway to derive an optimal policy to maximize network throughput.
arXiv Detail & Related papers (2020-07-07T01:49:07Z)