Yang, Li; Skjellum, Anthony
College of Engineering and Computer Science
University of Tennessee at Chattanooga
The emergence of Software-Defined Networking (SDN) has brought along a wave of new technologies and developments in the field of networking with hopes of dealing with network resources more efficiently and providing a foundation of programmability. SDN allows for both flexibility and adaptability by separating the control and data planes in a network environment by virtualizing network hardware. Threat hunting is a technique that allows for the detection of advanced network threats through forensic analysis. We present an advanced threat hunting model by combining the SDN infrastructure with threat hunting techniques and machine learning models, aiming to intelligently handle advanced network threats such as lateral movement. We found that our approach outperforms current threat hunting models in vital areas such as the detection-to-mitigation time. Our results show that we are able to detect advanced threats with 93.4% accuracy and begin mitigation within 10 seconds of detection.
My research and academic career in both my years as a graduate and undergraduate student would not have been possible without the ongoing support from incredible professors. First, my professor and advisor Farah Kandah has been invaluable with his continuous support in research and academic guidance. With his guidance I have become more prepared to approach future research work and a career. Second, my professor Li Yang has been a constant support system in pointing me in the right direction in my career and academic pursuits. I can’t say I would be where I am now without the continued help from both professors and many more faculty at the University of Tennessee at Chattanooga. I would also like to thank Anthony Skjellum for both serving on my committee and providing great insight into the field of computer science.
M. S.; A thesis submitted to the faculty of the University of Tennessee at Chattanooga in partial fulfillment of the requirements of the degree of Master of Science.
Software-defined networking (Computer network technology); Computational intelligence; Computer networks -- Security measures
ix, 38 leaves
Schmitt, Steven, "Advanced threat hunting over software-defined networks in smart cities" (2018). Masters Theses and Doctoral Dissertations.