Behavior-based malware detection system for software-defined networking = 소프트웨어 정의 네트워킹에서의 행위 기반 악성 프로그램 탐지 시스템에 대한 연구

Software-defined networking (SDN) is an innovative and promising future networking technology that has rapidly gained significant attentions from both academia and industry. Accordingly, initiated and accelerated by enterprises, various components of SDN have been implemented, and many practical use cases of SDN have been demonstrated with such component implementations to show the potentials of SDNs. One of the most crucial SDN components is an SDN controller, which is often considered as a control tower of SDN. It not only provides centralized control and automation of SDNs, but also implements open and programmable APIs to ultimately establish an open SDN application ecosystem, where anyone can develop and distribute useful SDN applications. Such an ecosystem potentially unleashes new levels of innovation; however, it also introduces new security threat to SDN environments. In such an ecosystem, malicious SDN applications can be easily developed and distributed by untrusted entities, and to the best of our knowledge, there exists no known solution to this problem. As demonstrated in previous studies, the security threat of malicious SDN applications must be taken seriously as SDN applications possess full control of SDNs. In this thesis, we propose a novel system, called BeBop, which analyzes and classifies SDN applications based on their behavioral patterns. We show the effectiveness and the performance of our system by actually implementing and evaluating the prototype of BeBop.
Kim, Myungchulresearcher김명철researcherShin, Seungwonresearcher신승원researcher
Issue Date

학위논문(석사) - 한국과학기술원 : 정보보호대학원, 2016.8 ,[iv, 40 p. :]


Software-Defined Networking; Network Security; Malware Detection; Static Analysis; Malware Analysis; 소프트웨어 정의 네트워킹; 네트워크 보안; 악성 프로그램 탐지; 정적 분석; 악성 프로그램 분석

Appears in Collection
Files in This Item
There are no files associated with this item.
  • Hit : 194
  • Download : 0
  • Cited 0 times in thomson ci


  • mendeley


rss_1.0 rss_2.0 atom_1.0