On Detection and Prevention of Zero-Day Attack Using Cuckoo Sandbox in Software-Defined Networks

On Detection and Prevention of Zero-Day Attack Using Cuckoo Sandbox in Software-Defined Networks

Huthifh Al-Rushdan1, Mohammad Shurman2, and Sharhabeel Alnabelsi3,4

1Computer Engineering Depatmenr, Jordan University of Science and Technology, Jordan

2Network Engineering and Security Department, Jordan University of Science and Technology, Jordan

3Computer Engineering Department, Al-Balqa Applied University, Jordan

4Computer Engineering Department, AL Ain University, United Arab Emirates

Abstract: Networks attacker may identify the network vulnerability within less than one day; this kind of attack is known as zero-day attack. This undiscovered vulnerability by vendors empowers the attacker to affect or damage the network operation, because vendors have less than one day to fix this new exposed vulnerability. The existing defense mechanisms against the zero-day attacks focus on the prevention effort, in which unknown or new vulnerabilities typically cannot be detected. To the best of our knowledge the protection mechanism against zero-day attack is not widely investigated for Software-Defined Networks (SDNs). Thus, in this work we are motivated to develop a new zero-day attack detection and prevention mechanism for SDNs by modifying Cuckoo sandbox tool. The mechanism is implemented and tested under UNIX system. The experiments results show that our proposed mechanism successfully stops the zero-day malwares by isolating the infected clients, in order to prevent the malwares from spreading to other clients. Moreover, results show the effectiveness of our mechanism in terms of detection accuracy and response time.

Keywords: Zero-day attack, Malwares, Controller, Intrusion Detection System, Cuckoo Sandbox, Software-Defined Networks.

Received March 1, 2020; accepted June 9, 2020

https://doi.org/10.34028/iajit/17/4A/11
Read 1197 times Last modified on Tuesday, 28 July 2020 01:00
Share
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…