Scalable architecture for autonomous malware detection and defense in software-defined networks using federated learning approaches
- (1) Faculty of Computer Applications, Marwadi University, Rajkot, 360003, India.
- (2) Department of Computer Engineering, Marwadi University, Rajkot, 360003, India.
- (3) Department of Electronics and Communication Engineering, Manipal Institute of Technology, Manipal Academy of Higher Education, Manipal, 576104, India. omprakash.kumar@manipal.edu
- (4) Computer Engineering Department, Umm Al-Qura University, 24381, Mecca, Saudi Arabia. fayzahrani@uqu.edu.sa
Summary
This summary is machine-generated. This study introduces a federated learning (FL) architecture for scalable, autonomous malware detection in software-defined networks (SDNs). While effective for known attacks, performance varies with real-world data complexity.
Area Of Science
- Network Security
- Machine Learning
- Cybersecurity Architectures
Background
- Software-defined networks (SDNs) offer centralized control but require robust security measures.
- Traditional malware detection struggles with the scale and dynamic nature of modern networks.
- Federated learning (FL) provides a privacy-preserving approach to distributed machine learning.
Purpose Of The Study
- To propose a scalable and autonomous malware detection and defense architecture for SDNs using federated learning (FL).
- To combine SDN's data handling with FL's decentralized learning for adaptable network security.
- To evaluate the architecture's performance in detecting various cyber threats under different data conditions.
Main Methods
- Development of a novel architecture integrating SDN capabilities with FL principles.
- Implementation of a distributed learning approach where only model updates are shared, preserving data privacy.
- Testing and performance analysis using both balanced and imbalanced real-world datasets (e.g., CICIDS 2017, UNSW-NB15).
Main Results
- Achieved up to 96% detection rates for controlled DDoS and Botnet attacks with balanced datasets.
- Overall accuracy dropped to 59.50% in realistic simulations with imbalanced, diverse datasets and complex scenarios like data exfiltration.
- Demonstrated low latency (<1s), significant throughput recovery (300-500 Mbps), and minimized communication overhead.
Conclusions
- The proposed FL-based SDN architecture offers a scalable, privacy-preserving framework for malware detection.
- Effectiveness is high against major threats but requires further enhancement for subtle attack detection.
- Future work should focus on enriched datasets and improved feature engineering to address real-world deployment challenges.

