Skip to main content
SpringerLink
Log in

A survey and classification of the security anomaly detection mechanisms in software defined networks

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

Software defined network (SDN) decouples the network control and data planes. Despite various advantages of SDNs, they are vulnerable to various security attacks such anomalies, intrusions, and Denial-of-Service (DoS) attacks and so on. On the other hand, any anomaly and intrusion in SDNs can affect many important domains such as banking system and national security. Therefore, the anomaly detection topic is a broad research domain, and to mitigate these security problems, a great deal of research has been conducted in the literature. In this paper, the state-of-the-art schemes applied in detecting and mitigating anomalies in SDNs are explained, categorized, and compared. This paper categorizes the SDN anomaly detection mechanisms into five categories: (1) flow counting scheme, (2) information-based scheme, (3) entropy-based scheme, (4) deep learning, and (5) hybrid scheme. The research gaps and major existing research issues regarding SDN anomaly detection are highlighted. We hope that the analyses, comparisons, and classifications might provide directions for further research.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Farhady, H., Lee, H., Nakao, A.: Software-defined networking: a survey. Comput. Netw. 81, 79–95 (2015). https://doi.org/10.1016/j.comnet.2015.02.014

    Article  Google Scholar 

  2. Masoudi, R., Ghaffari, A.: Software defined networks: a survey. J. Netw. Comput. Appl. 67, 1–25 (2016)

    Article  Google Scholar 

  3. Ahmad, I., Namal, S., Ylianttila, M., Gurtov, A.: Security in software defined networks: a survey. IEEE Commun. Surv. Tutor. 17(4), 2317–2346 (2015)

    Article  Google Scholar 

  4. Shirmarz, A., Ghaffari, A.: An adaptive greedy flow routing algorithm for performance improvement in software-defined network. Int. J. Numer. Model. Electron. Netw. Dev. Fields 33(1), e2676 (2020)

    Google Scholar 

  5. Shirmarz, A., Ghaffari, A.: Performance issues and solutions in SDN-based data center: a survey. J. Supercomput. (2020). https://doi.org/10.1007/s11227-020-03180-7

    Article  Google Scholar 

  6. Sun, R., Zhang, S., Yin, C., Wang, J., Min, S.: Strategies for data stream mining method applied in anomaly detection. Clust. Comput. 22(2), 399–408 (2019)

    Article  Google Scholar 

  7. Wang, J., Xia, L.: Abnormal behavior detection in videos using deep learning. Clust. Comput. 22(4), 9229–9239 (2019)

    Article  MathSciNet  Google Scholar 

  8. Velliangiri, S., Premalatha, J.: Intrusion detection of distributed denial of service attack in cloud. Clust. Comput. 22(5), 10615–10623 (2019)

    Article  Google Scholar 

  9. Yin, C., Zhang, S., Yin, Z., Wang, J.: Anomaly detection model based on data stream clustering. Clust. Comput. 22, S1729–S1738 (2019)

    Article  Google Scholar 

  10. Jaber, A.N., Rehman, S.U.: FCM–SVM based intrusion detection system for cloud computing environment. Clust. Comput. (2020). https://doi.org/10.1007/s10586-020-03082-6

    Article  Google Scholar 

  11. Aljawarneh, S., Yassein, M.B., Aljundi, M.: An enhanced J48 classification algorithm for the anomaly intrusion detection systems. Clust. Comput. 22(5), 10549–10565 (2019)

    Article  Google Scholar 

  12. Karmakar, K.K., Varadharajan, V., Tupakula, U.: Mitigating attacks in software defined networks. Clust. Comput. 22(4), 1143–1157 (2019)

    Article  Google Scholar 

  13. Badotra, S., Panda, S.N.: SNORT based early DDoS detection system using Opendaylight and open networking operating system in software defined networking. Clust. Comput. (2019). https://doi.org/10.1007/s10586-017-1066-2

    Article  Google Scholar 

  14. Jafarian, T., Masdari, M., Ghaffari, A., Majidzadeh, K.: Security anomaly detection in software-defined networking based on a prediction technique. Int. J. Commun Syst 33(14), e4524 (2020)

    Article  Google Scholar 

  15. Nunes, B.A.A., Mendonca, M., Nguyen, X.-N., Obraczka, K., Turletti, T.: A survey of software-defined networking: past, present, and future of programmable networks. IEEE Commun. Surv. Tutor. 16(3), 1617–1634 (2014)

    Article  Google Scholar 

  16. Xia, W., Wen, Y., Foh, C.H., Niyato, D., Xie, H.: A survey on software-defined networking. IEEE Commun. Surv. Tutor. 17(1), 27–51 (2015)

    Article  Google Scholar 

  17. Giotis, K., Argyropoulos, C., Androulidakis, G., Kalogeras, D., Maglaris, V.: Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput. Netw. 62, 122–136 (2014)

    Article  Google Scholar 

  18. Keogh, E., Lonardi, S., Ratanamahatana, C.A.: Towards parameter-free data mining. In: Proceedings of the Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 2004. ACM, pp. 206–215

  19. Braga, R., Mota, E., Passito, A.: Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: IEEE 35th Conference on Local Computer Networks (LCN), 2010. IEEE, pp. 408–415

  20. Chunhua Zhang, J.S., Sun, G.: Research on the anomaly detection of flow streaming technology in network. In: 4th International Conference on Mechatronics, Materials, Chemistry and Computer Engineering (ICMMCCE), 2015

  21. Trammell, B., Boschi, E.: An introduction to IP flow information export (IPFIX). IEEE Commun. Mag. 49(4), 89–95 (2011)

    Article  Google Scholar 

  22. Rehman, S.U., Song, W.-C., Kang, M.: Network-wide traffic visibility in OF@ TEIN SDN testbed using sFlow. In: Network Operations and Management Symposium (APNOMS), 2014 16th Asia-Pacific, 2014. IEEE, pp. 1–6

  23. https://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html

  24. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.-A.: A detailed analysis of the KDD CUP 99 data set. In: Proceedings of the Second IEEE Symposium on Computational Intelligence for Security and Defence Applications 2009

  25. Sathya, R., Thangarajan, R.: Efficient anomaly detection and mitigation in software defined networking environment. In: 2nd International Conference on Electronics and Communication Systems (ICECS), 2015. IEEE, pp. 479–484

  26. Mehdi, S.A., Khalid, J., Khayam, S.A.: Revisiting traffic anomaly detection using software defined networking. In: International Workshop on Recent Advances in Intrusion Detection, 2011. Springer, Berlin, pp. 161–180

  27. Nadeau, T., Pan, P.: Software driven networks problem statement, 2011

  28. Xie, H., Tsou, T., Lopez, D., Yin, H., Gurbani, V.: Use cases for ALTO with software defined networks, Working Draft, IETF Secretariat, Internet-Draft draft-xie-alto-sdn-extension-use-cases-01.txt, 2012

  29. Kreutz, D., Ramos, F., Verissimo, P.: Towards secure and dependable software-defined networks. In: Proceedings of the Second ACM SIGCOMM WORKSHOP on Hot Topics in Software Defined Networking, 2013. ACM, pp. 55–60

  30. Shin, S., Porras, P., Yegneswaran, V, Gu, G.: A framework for integrating security services into software-defined networks. In: Proceedings of the 2013 Open Networking Summit (Research Track Poster Paper), Ser. ONS, vol. 13, 2013

  31. Wen, X., Chen, Y., Hu, C., Shi, C., Wang, Y.: Towards a secure controller platform for openflow applications. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, 2013. ACM, pp. 171–172

  32. Hartman, S., Wasserman, M., Zhang, D.: Security requirements in the software defined networking model, IETF Draft (draft-hartman-sdnsec-requirements), 2013

  33. Al-Shaer, E., Al-Haj, S.: FlowChecker: configuration analysis and verification of federated OpenFlow infrastructures. In: Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, 2010. ACM, pp. 37–44

  34. Ferguson, A.D., Guha, A., Place, J., Fonseca, R., Krishnamurthi, S.: Participatory networking. In: Presented as Part of the 2nd USENIX Workshop on Hot Topics in Management of Internet, Cloud, and Enterprise Networks and Services, 2012

  35. Fonseca, P., Bennesby, R., Mota, E., Passito, A.: A replication component for resilient OpenFlow-based networking. In: 2012 IEEE Network Operations and Management Symposium, 2012. IEEE, pp. 933–939

  36. Jarschel, M., Oechsner, S., Schlosser, D., Pries, R., Goll, S., Tran-Gia, P.: Modeling and performance evaluation of an OpenFlow architecture. In: Proceedings of the 23rd International Teletraffic Congress, 2011. International Teletraffic Congress, pp. 1–7.

  37. Naous, J., Erickson, D., Covington, G.A., Appenzeller, G., McKeown, N.: Implementing an OpenFlow switch on the NetFPGA platform. In: Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, 2008. ACM, pp. 1–9

  38. Shin, S., Gu, G.: Attacking software-defined networks: a first feasibility study. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, 2013. ACM, pp. 165–166

  39. Shin, S., Yegneswaran, V., Porras, P., Gu, G.: AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, 2013. ACM, pp. 413–424

  40. Yao, G., Bi, J., Guo, L.: On the cascading failures of multi-controllers in software defined networks. In: 2013 21st IEEE International Conference on Network Protocols (ICNP), 2013. IEEE, pp. 1–2

  41. Seedorf, J., Burger, E.: Application-Layer Traffic Optimization (ALTO) Problem Statement, 2070–1721, 2009

  42. Benton, K., Camp, L.J., Small, C.: Openflow vulnerability assessment. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, 2013. ACM, pp. 151–152

  43. Liyanage, M., Gurtov, A.: Secured VPN models for LTE backhaul networks. In: Vehicular Technology Conference (VTC Fall), 2012 IEEE, 2012. IEEE, pp. 1–5

  44. Staessens, D., Sharma, S., Colle, D., Pickavet, M., Demeester, P.: Software defined networking: meeting carrier grade requirements. In: 18th IEEE Workshop on Local & Metropolitan Area Networks (LANMAN), 2011. IEEE, pp. 1–6

  45. Zhang, Y., Beheshti, N., Tatipamula, M.: On resilience of split-architecture networks. In: Global Telecommunications Conference (GLOBECOM 2011), 2011 IEEE, 2011. IEEE, pp. 1–6

  46. Lantz, B., Heller, B., McKeown, N.: A network in a laptop: rapid prototyping for software-defined networks. In: Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks, 2010. ACM, p. 19

  47. Tootoonchian, A., Ghobadi, M., Ganjali, Y.: OpenTM: traffic matrix estimator for OpenFlow networks. In: International Conference on Passive and Active Network Measurement, 2010, Springer, Berlin, pp. 201–210

  48. Powell, D., Stroud, R.: Conceptual model and architecture of MAFTIA, Technical Report Series-University of Newcastle Upon Tyne Computing Science, 2003

  49. Aslam, T.: A taxonomy of security faults in the Unix operating system, Purdue University, 1995

  50. Khan, S., Gani, A., Wahab, A.W.A., Shiraz, M., Ahmad, I.: Network forensics: review, taxonomy, and open challenges. J. Netw. Comput. Appl. 66, 214–235 (2016)

    Article  Google Scholar 

  51. Kumar, S.: Classification and detection of computer intrusions, Purdue University, 1995

  52. Landwehr, C.E., Bull, A.R., McDermott, J.P., Choi, W.S.: A taxonomy of computer program security flaws. ACM Comput. Surv. 26(3), 211–254 (1994)

    Article  Google Scholar 

  53. Lindqvist, U., Jonsson, E.: How to systematically classify computer security intrusions. In: IEEE Symposium on Security and Privacy, 1997. Proceedings 1997. IEEE, pp. 154–163

  54. Lough, D.L.: A taxonomy of computer attacks with applications to wireless networks, 2001

  55. Howard, J.D.: An analysis of security incidents on the Internet 1989–1995, DTIC Document, 1997

  56. Kendall, K.: A database of computer attacks for the evaluation of intrusion detection systems, DTIC Document, 1999

  57. Lin, J.-L., Wang, X.S., Jajodia, S.: Abstraction-based misuse detection: High-level specifications and adaptable strategies. In: Computer Security Foundations Workshop, 1998. Proceedings. 11th IEEE, 1998. IEEE, pp. 190–201

  58. Altwaijry, H., Algarny, S.: Bayesian based intrusion detection system. J. King Saud Univ. 24(1), 1–6 (2012)

    Google Scholar 

  59. Ali, S.T., Sivaraman, V., Radford, A., Jha, S.: A survey of securing networks using software defined networking. IEEE Trans. Reliab. 64(3), 1086–1097 (2015)

    Article  Google Scholar 

  60. Zhang, Y.: An adaptive flow counting method for anomaly detection in SDN. In: Proceedings of the ninth ACM Conference on Emerging Networking Experiments and Technologies, 2013. ACM, pp. 25–30

  61. Garg, G., Garg, R.: Security of networks using efficient adaptive flow counting for anomaly detection in SDN. Artificial Intelligence and Evolutionary Computations in Engineering Systems, pp. 667–674. Springer, Berlin (2016)

    Chapter  Google Scholar 

  62. Garg, G., Garg, R.: Detecting anomalies efficiently in SDN using adaptive mechanism. In: 2015 Fifth International Conference on Advanced Computing & Communication Technologies, 2015. IEEE, pp. 367–370

  63. Ha, T., et al.: Suspicious traffic sampling for intrusion detection in software-defined networks. Comput. Netw. (2016). https://doi.org/10.1016/j.comnet.2016.05.019

    Article  Google Scholar 

  64. Granby, B.R., Askwith, B., Marnerides, A.K.: SDN-PANDA: software-defined network platform for anomaly detection applications. In: 2015 IEEE 23rd International Conference on Network Protocols (ICNP), 2015. IEEE, pp. 463–466

  65. Hommes, S., State, R., Engel, T.: Implications and detection of DoS attacks in OpenFlow-based networks. In: 2014 IEEE Global Communications Conference, 2014. IEEE, pp. 537–543

  66. Shin, S., Porras, P.A., Yegneswaran, V., Fong, M.W., Gu, G., Tyson, M.: FRESCO: modular composable security services for software-defined networks. In: NDSS, 2013

  67. Carvalho, L.F., Fernandes, G., Rodrigues, J.J., Mendes, L.S., Proença, M.L.: A novel anomaly detection system to assist network management in SDN environment. In: IEEE International Conference on Communications (ICC), 2017. IEEE, pp. 1–6

  68. Lee, S., Kim, J., Shin, S., Porras, P., Yegneswaran, V.: Athena: a framework for scalable anomaly detection in software-defined networks. In: 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2017. IEEE, pp. 249–260

  69. He, D., Chan, S., Ni, X., Guizani, M.: Software-defined-networking-enabled traffic anomaly detection and mitigation. IEEE Internet Things J. 4(6), 1890–1898 (2017)

    Article  Google Scholar 

  70. Carvalho, L.F., Abrão, T., de Souza Mendes, L., Proença, M.L.: An ecosystem for anomaly detection and mitigation in software-defined networking. Expert Syst. Appl. 104, 121–133 (2018)

    Article  Google Scholar 

  71. Peng, H., Sun, Z., Zhao, X., Tan, S., Sun, Z.: A detection method for anomaly flow in software defined network, IEEE Access, 2018

  72. Schechter, S.E., Jung, J., Berger, A.W.: Fast detection of scanning worm infections. In: International Workshop on Recent Advances in Intrusion Detection, 2004, Springer, New York, pp. 59–81

  73. Twycross, J., Williamson, M.M.: Implementing and testing a virus throttle. In: Usenix Security, 2003

  74. Williamson, M.M.: Throttling viruses: restricting propagation to defeat malicious mobile code. In: Computer Security Applications Conference, 2002. Proceedings. 18th Annual, 2002. IEEE, pp. 61–68

  75. Mahoney, M.V.: Network traffic anomaly detection based on packet bytes. In: Proceedings of the 2003 ACM symposium on Applied computing, 2003. ACM, pp. 346–350

  76. Dotcenko, S., Vladyko, A., Letenko, I.: A fuzzy logic-based information security management for software-defined networks. In: 16th International Conference on Advanced Communication Technology, 2014. IEEE, pp. 167–171

  77. Kokila, R., Selvi, S.T., Govindarajan, K.: DDoS detection and analysis in SDN-based environment using support vector machine classifier. In: 2014 Sixth International Conference on Advanced Computing (ICoAC), 2014. IEEE, pp. 205–210

  78. DARPA 2000 Scenario Specific dataset. https://www.ll.mit.edulmissionicommunications/cyber/CSTcorporalideval/datal2000/LLSDDOS1.0.html

  79. Chin, T., Mountrouidou, X., Li, X., Xiong, K.: An SDN-supported collaborative approach for DDoS flooding detection and containment. In: MILCOM 2015–2015 IEEE Military Communications Conference, 26–28 Oct 2015, pp. 659–664. https://doi.org/10.1109/MILCOM.2015.7357519

  80. Yang, C.: Anomaly network traffic detection algorithm based on information entropy measurement under the cloud computing environment. Clust. Comput. 22(4), 8309–8317 (2019)

    Article  Google Scholar 

  81. Wang, R., Jia, Z., Ju, L.: An entropy-based distributed DDoS detection mechanism in software-defined networking. In: Trustcom/BigDataSE/ISPA, 2015 IEEE, 2015, vol. 1. IEEE, pp. 310–317

  82. François, J., Festor, O.: Anomaly traceback using software defined networking. In: 2014 IEEE International Workshop on Information Forensics and Security (WIFS), 2014. IEEE, pp. 203–208

  83. Deng, L., Yu, D.: Deep learning: methods and applications. Found. Trends Signal Process. 7(3–4), 197–387 (2014)

    Article  MathSciNet  Google Scholar 

  84. Kwon, D., Kim, H., Kim, J., Suh, S.C., Kim, I., Kim, K.J.: A survey of deep learning-based network anomaly detection. Clust. Comput. (2019). https://doi.org/10.1007/s10586-017-1117-8

    Article  Google Scholar 

  85. Dey, S.K., Rahman, M.M.: Flow based anomaly detection in software defined networking: a deep learning approach with feature selection method. In: 2018 4th International Conference on Electrical Engineering and Information & Communication Technology (iCEEiCT), 2018, IEEE, pp. 630–635

  86. Niyaz, Q., Sun, W., Javaid, A.Y.: A deep learning based DDoS detection system in software-defined networking (SDN), arXiv preprint arXiv:1611.07400, 2016

  87. Tang, T.A., Mhamdi, L., McLernon, D., Zaidi, S.A.R., Ghogho, M.: Deep learning approach for network intrusion detection in software defined networking. In: 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM), 2016. IEEE, pp. 258–263.

  88. Garg, S., Kaur, K., Kumar, N., Rodrigues, J.J.: Hybrid deep-learning-based anomaly detection scheme for suspicious flow detection in SDN: a social multimedia perspective. IEEE Trans. Multimed. 21(3), 566–578 (2019)

    Article  Google Scholar 

  89. Li, J., Zhao, Z., Li, R.: Machine learning-based IDS for software-defined 5G network. IET Netw. 7(2), 53–60 (2017)

    Article  Google Scholar 

  90. da Silva, A.S., Wickboldt, J.A., Granville, L.Z., Schaeffer-Filho, A.: ATLANTIC: a framework for anomaly traffic detection, classification, and mitigation in SDN, in Network Operations and Management Symposium (NOMS), 2016 IEEE/IFIP, 2016. IEEE, pp. 27–35

  91. Pang, C., Jiang, Y., Li, Q.: FADE: detecting forwarding anomaly in software-defined networks. In: 2016 IEEE International Conference on Communications (ICC), 22–27 May 2016, pp. 1–6

  92. Shin, S., Gu, G.: CloudWatcher: network security monitoring using OpenFlow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?). In 2012 20th IEEE International Conference on Network Protocols (ICNP), 2012. IEEE, pp. 1–6

  93. Jafarian, J.H., Al-Shaer, E., Duan, Q.: Openflow random host mutation: transparent moving target defense using software defined networking. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks, 2012. ACM, pp. 127–132

  94. Cui, Y., et al.: SD-Anti-DDoS: fast and efficient DDoS defense in software-defined networks. J. Netw. Comput. Appl. 68, 65–79 (2016). https://doi.org/10.1016/j.jnca.2016.04.005

    Article  Google Scholar 

  95. Ding, A.Y., Crowcroft, J., Tarkoma, S., Flinck, H.: Software defined networking for security enhancement in wireless mobile networks. Comput. Netw. 66, 94–101 (2014)

    Article  Google Scholar 

  96. Jin, X., Li, L.E., Vanbever, L., Rexford, J.: Softcell: scalable and flexible cellular core network architecture. In: Proceedings of the ninth ACM Conference on Emerging Networking Experiments and Technologies, 2013. ACM, pp. 163–174

  97. Gudipati, A., Perry, D., Li, L.E., Katti, S.: SoftRAN: software defined radio access network. In: Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, 2013. ACM, pp. 25–30

  98. Bansal, M., Mehlman, J., Katti, S., Levis, P.: Openradio: a programmable wireless dataplane. In: Proceedings of the first workshop on Hot topics in software defined networks, 2012. ACM, pp. 109–114

  99. Shirali-Shahreza, S., Ganjali, Y.: Efficient implementation of security applications in OpenFlow controller with FleXam. In: 2013 IEEE 21st Annual Symposium on High-Performance Interconnects, 2013. IEEE, pp. 49–54

  100. Wang, B., Zheng, Y., Lou, W., Hou, Y.T.: DDoS attack protection in the era of cloud computing and software-defined networking. Comput. Netw. 81, 308–319 (2015)

    Article  Google Scholar 

  101. Seeber, S., Rodosek, G.D.: Improving network security through SDN in cloud scenarios. In: 10th International Conference on Network and Service Management (CNSM) and Workshop, 2014. IEEE, pp. 376–381

  102. Tsugawa, M., Matsunaga, A., Fortes, J.A.: Cloud computing security: what changes with software-defined networking? Secure Cloud Computing, pp. 77–93. Springer, Berlin (2014)

    Chapter  Google Scholar 

  103. Hezavehi, S.M., Rahmani, R.: An anomaly-based framework for mitigating effects of DDoS attacks using a third party auditor in cloud computing environments. Clust. Comput. (2020). https://doi.org/10.1007/s10586-019-03031-y

    Article  Google Scholar 

  104. Martins, J., et al.: ClickOS and the art of network function virtualization. In: Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation, 2014. USENIX Association, pp. 459–473

Download references

Author information

Authors and Affiliations

  1. Department of Computer Engineering, Urmia Branch, Islamic Azad University, Urmia, Iran

    Tohid Jafarian, Mohammad Masdari & Kambiz Majidzadeh

  2. Department of Computer Engineering, Tabriz Branch, Islamic Azad University, Tabriz, Iran

    Ali Ghaffari

Authors
  1. Tohid Jafarian
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohammad Masdari
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ali Ghaffari
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kambiz Majidzadeh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Mohammad Masdari or Ali Ghaffari.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Jafarian, T., Masdari, M., Ghaffari, A. et al. A survey and classification of the security anomaly detection mechanisms in software defined networks. Cluster Comput 24, 1235–1253 (2021). https://doi.org/10.1007/s10586-020-03184-1

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-020-03184-1

Keywords

Search

Navigation