Experiment-based detection of service disruption attacks in optical networks using data analytics and unsupervised learning
Paper i proceeding, 2019

The paper addresses the detection of malicious attacks targeting service disruption at the optical layer as a key prerequisite for fast and effective attack response and network recovery. We experimentally demonstrate the effects of signal insertion attacks with varying intensity in a real-life scenario. By applying data analytics tools, we analyze the properties of the obtained dataset to determine how the relationships among different optical performance monitoring (OPM) parameters of the signal change in the presence of an attack as opposed to the normal operating conditions. In addition, we evaluate the performance of an unsupervised learning technique, i.e., a clustering algorithm for anomaly detection, which can detect attacks as anomalies without prior knowledge of the attacks. We demonstrate the potential and the challenges of unsupervised learning for attack detection, propose guidelines for attack signature identification needed for the detection of the considered attack methods, and discuss remaining challenges related to optical network security.

anomaly de- tection.

Optical network security

dataset exploration

data analytics

unsupervised learning

Författare

Marija Furdek Prekratic

Chalmers, Elektroteknik, Kommunikations- och antennsystem, Optiska nätverk

Carlos Natalino Da Silva

Chalmers, Elektroteknik, Kommunikations- och antennsystem, Optiska nätverk

Marco Schiano

Telecom

Andrea Di Giglio

Telecom

Metro and Data Center Optical Networks and Short-Reach Links II; 109460D

0277-786x (ISSN) 1996-756x (eISSN)

Vol. 10946

SPIE OPTO, 2019
San Francisco, USA,

Styrkeområden

Informations- och kommunikationsteknik

Ämneskategorier

Signalbehandling

Datavetenskap (datalogi)

Datorsystem

DOI

10.1117/12.2509613

Mer information

Senast uppdaterat

2020-03-16