Experiment-based detection of service disruption attacks in optical networks using data analytics and unsupervised learning
Paper i proceeding, 2019

The paper addresses the detection of malicious attacks targeting service disruption at the optical layer as a key prerequisite for fast and effective attack response and network recovery. We experimentally demonstrate the effects of signal insertion attacks with varying intensity in a real-life scenario. By applying data analytics tools, we analyze the properties of the obtained dataset to determine how the relationships among different optical performance monitoring (OPM) parameters of the signal change in the presence of an attack as opposed to the normal operating conditions. In addition, we evaluate the performance of an unsupervised learning technique, i.e., a clustering algorithm for anomaly detection, which can detect attacks as anomalies without prior knowledge of the attacks. We demonstrate the potential and the challenges of unsupervised learning for attack detection, propose guidelines for attack signature identification needed for the detection of the considered attack methods, and discuss remaining challenges related to optical network security.

unsupervised learning

data analytics

dataset exploration

Optical network security

anomaly de- tection.

Författare

Marija Furdek Prekratic

Chalmers, Elektroteknik, Kommunikations- och antennsystem, Optiska nätverk

Carlos Natalino Da Silva

Chalmers, Elektroteknik, Kommunikations- och antennsystem, Optiska nätverk

Marco Schiano

Andrea Di Giglio

Metro and Data Center Optical Networks and Short-Reach Links II; 109460D

0277-786x (ISSN) 1996-756x (eISSN)

Vol. 10946

SPIE OPTO, 2019
San Francisco, USA,

Styrkeområden

Informations- och kommunikationsteknik

Ämneskategorier

Signalbehandling

Datavetenskap (datalogi)

Datorsystem

DOI

10.1117/12.2509613

Mer information

Skapat

2019-12-15