ABSTRACT Characterization of data network monitoring registers allows for reductions in the number of data, which is essential when the information flow is high, and implementation of processes with short response times, such as interchange of control information between devices and anomaly detection is required. The present investigation applied wavelet transforms, so as to characterize the statistic monitoring register of a software-defined network. Its main contribution lies in the obtention of a record that, although reduced, retains detailed, essential information for the correct application of anomaly detectors. KEYWORDS Characterization, wavelet transform, network monitoring, anomaly detectors, Software-defined Networking (SDN). Full Details: http://aircconline.com/ijcsit/V11N2/11219ijcsit08.pdf Abstract Url: http://aircconline.com/abstract/ijcsit/v11n2/11219ijcsit08.html

1. Reduction of Monitoring Records
On Software Defined Network
Luz Angela Aristizábal Q
Nicolás Toro G
Universidad Nacional de Colombia
International Journal of Computer Science & Information
Technology (IJCSIT)
(INSPEC INDEXING)
ISSN: 0975-3826(online); 0975-4660 (Print)
http://airccse.org/journal/ijcsit.html

2. Index
International Journal of Computer Science & Information Technology (IJCSIT). April 2019
0. Contextualization (Why ? ): Software Define Network
1. Statistics on SDN.
2. Characterization
3. Anormaly Detection Method
4. Results
5. Conclusions

3. Why ?
International Journal of Computer Science & Information Technology (IJCSIT). April 2019
https://es.123rf.com/imagenes-de-
archivo/datos_personales.html?sti=mbcmeau2h8mh1xg3ui|&mediapopup=28502403
Reducing
And
Intelligibility
Where was the origin?

4. What does we want achive ?
International Journal of Computer Science & Information Technology (IJCSIT). April 2019

5. Software Defined Networks
International Journal of Computer Science & Information Technology (IJCSIT). April 2019

6. Statistical Messages
International Journal of Computer Science & Information Technology (IJCSIT). April 2019
Statistics Request message
Statistics Reply message
• Received packets
• Received Bytes
• Duration
• Sended Packets
• Sended Bytes.

7. Characterization: Wavelet Transform
International Journal of Computer Science & Information Technology (IJCSIT). April 2019

8. International Journal of Computer Science & Information Technology (IJCSIT). April 2019
Parameters
TWD
Anomaly
Detection
Contrast
Statistical Information
Phases

9. International Journal of Computer Science & Information Technology (IJCSIT). April 2019
Parameter (i)
2048 samples

10. International Journal of Computer Science & Information Technology (IJCSIT). April 2019
Anomaly Detection
Gaussian model
e
x
xp 




2
)(
2
1
),;( 2
2
2



 

m
j
i
ji xm 1
1
  

m
ji
i
i
jm x1
2
)(
21


11. Results
International Journal of Computer Science & Information Technology (IJCSIT). April 2019
0 50 100 150 200 250
8
10
12
14
16
overlapping. Original Register (blue) .vs. Sythesized register (red)
TransmitedBytes(MB)
i
0 50 100 150 200 250
-5
0
5
10
15
Original Register .vs. Sythesized register
TransmitedBytes(MB)
i
Original Synthetized register

12. International Journal of Computer Science & Information Technology (IJCSIT). April 2019
Evaluation
Reduced register
Anomaly Detect

13. International Journal of Computer Science & Information Technology (IJCSIT). April 2019
Conclusions
• The algorithm of reduction has a compression factor of at least a
50%. It retains the atypical behaviour of statistics data
generated by the Openflow switch, which reduces the execution
time of an anomaly detector.
• The results of this work leave a door open for the analysis of the
effectiveness of other wavelet bases in the reduction of the
length of the statistical parameters in Software Defined
Networks. Since this work only used the "daubechies" wavelet,
evaluating other base wavelets could lead to a better reduction
rate.

14. References (1)
International Journal of Computer Science & Information Technology (IJCSIT). April 2019
Ibidunmoye, Olumuyiwa, Hernandez R Francisco, Elmrot Erick .(2015) “Performance
Anomaly Detection and Bottleneck Identification”. ACM Computing Surveys, Vol. 48, No. 1,
Article 4.
M, Jammal, T. Singh, A. Shami, R.l Asal, Y. Li, (2014) "Software defined networking: State of
the art and research challenges", Computer Networks.
Dabbagh, B.Hamdaoui, M. Guizani, and A. Rayes,(2015) "Software-Defined Networking
Security: Pros and Cons", IEEE Communications Magazine
N, S. Bailey, Deepak Bansal, Linda Dunbar, Dave Hood, Zoltán Lajos Kis, (2012) "SDN
Architecture Overview”. Open Network Foundation. .
(https://www.opennetworking.org/images/stories/downloads/sdn-resources/technical-
reports/SDN-architecture-overview-1.0.pdf)

15. References (2)
International Journal of Computer Science & Information Technology (IJCSIT). April 2019
K. Giotis, C. Argyropoulos, G. Androulidakis, D. Kalogeras, V. Maglaris, (2014) "Combining
OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on
SDN environments”, Computer pag. 122–136
L. Jose, M. Yu, and J. Rexford, (2011) “Online measurement of large traffic aggregates on
commodity switches”, in Proc. of the USENIX workshop.
Stéphane. Mallat, (2008) “A wavelet tour of signal processing”. Academic Press, USA.
L. Kalinichemko, I. Shanin, I. Taraban,(2014) "Methods for Anormaly Detection: a Survey",
Advanced Methodos and Technologies, digital collections. Pag. 20-25.
M. Dabagh, B. Handaoul, M. Guizani, A. Rayes, (2015) "Software-Defined Networking Security:
Pro and Cons”, IEEE Communications Magazine. pags. 73-79.