ZT-SDN: An ML-powered Zero-Trust Architecture for Software-Defined Networks
- URL: http://arxiv.org/abs/2411.15020v1
- Date: Fri, 22 Nov 2024 15:49:27 GMT
- Authors: Charalampos Katsis, Elisa Bertino
- Abstract summary: We propose ZT-SDN, an automated framework for learning and enforcing network access control in Software-Defined Networks.
ZT-SDN collects data from the underlying network and models the network "transactions" performed by communicating entities as graphs.
It uses novel unsupervised learning approaches to extract transaction patterns directly from the network data, such as the allowed protocol stacks and port numbers.
We show the framework's efficacy in detecting abnormal network accesses and abuses of permitted flows in changing network conditions with real network datasets.
- Abstract: Zero Trust (ZT) is a security paradigm aiming to curtail an attacker's lateral movements within a network by implementing least-privilege and per-request access control policies. However, its widespread adoption is hindered by the difficulty of generating proper rules due to the lack of detailed knowledge of communication requirements and the characteristic behaviors of communicating entities under benign conditions. Consequently, manual rule generation becomes cumbersome and error-prone. To address these problems, we propose ZT-SDN, an automated framework for learning and enforcing network access control in Software-Defined Networks. ZT-SDN collects data from the underlying network and models the network "transactions" performed by communicating entities as graphs. The nodes represent entities, while the directed edges represent transactions identified by different protocol stacks observed. It uses novel unsupervised learning approaches to extract transaction patterns directly from the network data, such as the allowed protocol stacks and port numbers and data transmission behavior. Finally, ZT-SDN uses an innovative approach to generate correct access control rules and infer strong associations between them, allowing proactive rule deployment in forwarding devices. We show the framework's efficacy in detecting abnormal network accesses and abuses of permitted flows in changing network conditions with real network datasets. Additionally, we showcase ZT-SDN's scalability and the network's performance when applied in an SDN environment.
Related papers
- MIETT: Multi-Instance Encrypted Traffic Transformer for Encrypted Traffic Classification [59.96233305733875]
Classifying traffic is essential for detecting security threats and optimizing network management.
We propose a Multi-Instance Encrypted Traffic Transformer (MIETT) to capture both token-level and packet-level relationships.
MIETT achieves results across five datasets, demonstrating its effectiveness in classifying encrypted traffic and understanding complex network behaviors.
arXiv Detail & Related papers (2024-12-19T12:52:53Z)
- AI Flow at the Network Edge [58.31090055138711]
AI Flow is a framework that streamlines the inference process by jointly leveraging the heterogeneous resources available across devices, edge nodes, and cloud servers.
This article serves as a position paper for identifying the motivation, challenges, and principles of AI Flow.
arXiv Detail & Related papers (2024-11-19T12:51:17Z)
- Unique ID based Trust Scheme for Improved IoV Wireless Sensor Network Security Against Power Controlled Sybil Attacks [1.906179410714637]
Wireless sensor networks (WSNs) are widely used in vehicular networks to support Vehicle-to-Everything (V2X) communications.
WSNs face security challenges due to their distributed nature and resource-limited modules.
This paper proposes a unique identification based trust path routing scheme (UITrust) to avoid Sybil attacks.
arXiv Detail & Related papers (2024-10-05T07:20:55Z)
- Secure Routing for Mobile Ad hoc Networks [2.965855310793378]
We present a route discovery protocol that mitigates the effects of malicious behavior in MANET networks.
Our protocol guarantees that fabricated, compromised, or replayed route replies are either rejected or never reach the querying node.
The scheme is robust in the presence of a number of non-colluding nodes.
arXiv Detail & Related papers (2024-03-01T09:50:00Z)
- Asynchronous Perception-Action-Communication with Graph Neural Networks [93.58250297774728]
Collaboration in large robot swarms to achieve a common global objective is a challenging problem in large environments.
The robots must execute a Perception-Action-Communication loop: they perceive their local environment, communicate with other robots, and take actions in real time.
Recently, this has been addressed using Graph Neural Networks (GNNs) for applications such as flocking and coverage control.
This paper proposes a framework for asynchronous PAC in robot swarms, where decentralized GNNs are used to compute navigation actions and generate messages for communication.
arXiv Detail & Related papers (2023-09-18T21:20:50Z)
- Transaction Fraud Detection via Spatial-Temporal-Aware Graph Transformer [5.043422340181098]
We propose a novel graph neural network called Spatial-Temporal-Aware Graph Transformer (STA-GT) for transaction fraud detection problems.
Specifically, we design a temporal encoding strategy to capture temporal dependencies and incorporate it into the graph neural network framework.
We introduce a transformer module to learn local and global information.
arXiv Detail & Related papers (2023-07-11T08:56:53Z)
- Causal Semantic Communication for Digital Twins: A Generalizable Imitation Learning Approach [74.25870052841226]
A digital twin (DT) leverages a virtual representation of the physical world, along with communication (e.g., 6G), computing, and artificial intelligence (AI) technologies to enable many connected intelligence services.
Wireless systems can exploit the paradigm of semantic communication (SC) for facilitating informed decision-making under strict communication constraints.
A novel framework called causal semantic communication (CSC) is proposed for DT-based wireless systems.
arXiv Detail & Related papers (2023-04-25T00:15:00Z)
- Reinforcement Learning for Protocol Synthesis in Resource-Constrained Wireless Sensor and IoT Networks [1.462434043267217]
The paper introduces the use of RL and Multi-Armed Bandit (MAB), a specific type of RL, for Medium Access Control (MAC).
It then introduces a novel learning-based protocol synthesis framework that addresses specific difficulties and limitations in medium access for both random access and time-slotted networks.
The ability of the nodes to learn protocols independently makes the system robust and adaptive to changes in network and traffic conditions.
arXiv Detail & Related papers (2023-01-14T03:28:26Z)
- Task-Oriented Communications for NextG: End-to-End Deep Learning and AI Security Aspects [78.84264189471936]
NextG communication systems are beginning to explore shifting this design paradigm to reliably executing a given task, such as in task-oriented communications.
Wireless signal classification is considered as the task for the NextG Radio Access Network (RAN), where edge devices collect wireless signals for spectrum awareness and communicate with the NextG base station (gNodeB) that needs to identify the signal label.
Task-oriented communications is considered by jointly training the transmitter, receiver and classifier functionalities as an encoder-decoder pair for the edge device and the gNodeB.
arXiv Detail & Related papers (2022-12-19T17:54:36Z)
- Semi-supervised Variational Temporal Convolutional Network for IoT Communication Multi-anomaly Detection [3.3659034873495632]
Internet of Things (IoT) devices are constructed to build a huge communications network.
These devices are insecure in practice, which means that the communications network is exposed to attackers.
In this paper, we propose SS-VTCN, a semi-supervised network for IoT multiple anomaly detection.
arXiv Detail & Related papers (2021-04-05T08:51:24Z)
- Decentralized Control with Graph Neural Networks [147.84766857793247]
We propose a novel framework using graph neural networks (GNNs) to learn decentralized controllers.
GNNs are well-suited for the task since they are naturally distributed architectures and exhibit good scalability and transferability properties.
The problems of flocking and multi-agent path planning are explored to illustrate the potential of GNNs in learning decentralized controllers.
arXiv Detail & Related papers (2020-12-29T18:59:14Z)
This list is automatically generated from the titles and abstracts of the papers in this site.