Enhanced Attack Aware Security Provisioning Scheme in SDN/NFV Enabled over 5G Network

Abstract

Software Defined Network (SDN) and Network Function Virtualization (NFV) are essential technologies that support next generation 5G networks. Security provisioning in 5G network is major issue due to involvement of numerous users. To provide security against major attacks in SDN and NFV enabled 5G network, in this paper an enhanced attack aware security provisioning scheme is proposed. In this work, security is provided by following process: (i) Initial Authentication process, (ii) Classification of packets, and (iii) Switch migration process. Initial authentication is performed at Access Point (AP) for each user by Secure ID based Authentication (SIA) scheme. The suspected packets are detected in controller and classified at Virtual Network Function (VNF). For packet classification, the optimal packet features are selected using Genetic Algorithm with Correlation (GAC) based feature selection algorithm. We have proposed a Radial Basis Function with Extreme Learning Machine (RBF-ELM) classifier. Then, the malicious packets are dropped at VNF and normal packets are redirected to destination address through controller. To mitigate flow table overloading attack, we have presented an Enhanced Artificial Bee Colony (EABC) algorithm in controller. Experimental result shows that our proposed security provisioning scheme shows better performance in terms of delay, amount of redirected packets, detection accuracy, packet transmission rate and packet loss ratio.