{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,30]],"date-time":"2026-03-30T12:59:40Z","timestamp":1774875580913,"version":"3.50.1"},"reference-count":69,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2023,2,28]],"date-time":"2023-02-28T00:00:00Z","timestamp":1677542400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,2,28]],"date-time":"2023-02-28T00:00:00Z","timestamp":1677542400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cloud Comp"],"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Network Intrusion Detection Systems (NIDS) and firewalls are the de facto solutions in the modern cloud to detect cyberattacks and minimize potential hazards for tenant networks. Most of the existing firewalls, perimeter security, and middlebox solutions are built on static rules\/signatures or simple rule matching, making them inflexible, susceptible to bugs, and difficult to introduce new services. This paper aims to improve network management in OpenStack Clouds by taking advantage of the combination of software-defined networking (SDN), Network Function Virtualization (NFV), and machine learning\/artificial intelligence (ML\/AI) and for making networks more predictable, reliable, and secure. Artificial intelligence is being used to monitor the behavior of the virtual machines and applications running in the OpenStack SDN cloud so that when any issues or degradations are noticed, the decision can be quickly made on how to handle that issue, being able to analyze data in motion, starting at the edge. The <jats:italic>OpenStackDP<\/jats:italic> framework comprises lightweight monitoring, anomaly-detecting intelligent sensors embedded in the data plane, a threat analytics engine based on ML\/AI algorithms running inside switch hardware\/network co-processor, and defensive actions deployed as virtual network functions (VNFs). This network data plane-based architecture makes high-speed threat detection and rapid response possible and enables a much higher degree of security. We have built the framework with advanced streaming analytics technologies, algorithms, and machine learning to draw knowledge from this data that is in motion before the malicious traffic goes to the tenant compute nodes or long-term data store. Cloud providers and users will benefit from improved Quality-of-Services (QoS) and faster recovery from cyber-attacks and compromised switches. The multi-phase collaborative anomaly detection scheme demonstrates an accuracy of 99.81%, average latencies of 0.27\u2009ms, and response speed within 9\u2009s. The simulations and analysis show that the OpenStackDP network analytics framework substantially secures and outperforms prior SDN-based OpenStack solutions for Cloud architectures.<\/jats:p>","DOI":"10.1186\/s13677-023-00406-w","type":"journal-article","created":{"date-parts":[[2023,3,2]],"date-time":"2023-03-02T11:36:30Z","timestamp":1677756990000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":70,"title":["OpenStackDP: a scalable network security framework for SDN-based OpenStack cloud infrastructure"],"prefix":"10.1186","volume":"12","author":[{"given":"Prabhakar","family":"Krishnan","sequence":"first","affiliation":[]},{"given":"Kurunandan","family":"Jain","sequence":"additional","affiliation":[]},{"given":"Amjad","family":"Aldweesh","sequence":"additional","affiliation":[]},{"given":"P.","family":"Prabu","sequence":"additional","affiliation":[]},{"given":"Rajkumar","family":"Buyya","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,2,28]]},"reference":[{"key":"406_CR1","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1016\/j.jnca.2016.09.002","volume":"75","author":"S Singh","year":"2016","unstructured":"Singh S, Jeong YS, Park JH (2016) A survey on cloud computing security: issues, threats, and solutions. J Netw Comput Appl 75:200\u2013222","journal-title":"J Netw Comput Appl"},{"key":"406_CR2","unstructured":"Data breach investigations report (2019) https:\/\/www.verizon.com\/business\/resources\/reports\/2019-data-breach-investigations-report.pdf. Accessed 24 Feb 2023"},{"key":"406_CR3","doi-asserted-by":"crossref","unstructured":"Jararweh Y, Al-Ayyoub M, Benkhelifa E, Vouk M, Rindos A (2016) Software defined cloud: Survey, system and evaluation. Future Generation Computer Systems 58:56\u201374","DOI":"10.1016\/j.future.2015.10.015"},{"key":"406_CR4","doi-asserted-by":"publisher","unstructured":"McKeown N, Anderson T, Balakrishnan H, Parulkar G, Peterson L, Rexford J, Shenker S, Turner J (2008) \u201cOpenFlow: Enabling Innovation in Campus Networks,\u201d ACM SIGCOMM Computer Communication Review 38(2):69\u201374. https:\/\/doi.org\/10.1145\/1355734.1355746","DOI":"10.1145\/1355734.1355746"},{"key":"406_CR5","unstructured":"Open Virtual Network Project. https:\/\/www.ovn.org\/en\/. Accessed 24 Feb 2023"},{"key":"406_CR6","first-page":"897","volume-title":"2018 IEEE international conference on data science and systems","author":"Q Cheng","year":"2018","unstructured":"Cheng Q et al (2018) Guarding the perimeter of cloud-based enterprise networks: an intelligent SDN firewall. In: 2018 IEEE international conference on data science and systems, pp 897\u2013902"},{"key":"406_CR7","unstructured":"Using the Cisco Span Port for traffic analysis. https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/metro\/me3600x_3800x\/software\/release\/15-4_1_S\/configuration\/guide\/3800x3600xscg\/swSPAN.pdf. Accessed 24 Feb 2023"},{"key":"406_CR8","unstructured":"OpenvSwitch. http:\/\/docs.openvswitch.org. Accessed 24 Feb 2023"},{"key":"406_CR9","unstructured":"OpenStack: open-source software for creating private and public clouds. https:\/\/www.openstack.org. Accessed 24 Feb 2023"},{"key":"406_CR10","unstructured":"OpenStack Networking architecture. WWW document. https:\/\/docs.openstack.org\/security-guide\/networking\/architecture.html. Accessed 24 Feb 2023"},{"key":"406_CR11","unstructured":"Hui K (2013) Laying cinder block (volumes) in OpenStack. Part 1: the basics. WWW document. Available at: https:\/\/cloudarchitectmusings.com\/2013\/11\/18\/laying-cinder-block-volumes-in-openstack-part-1-the-basics\/.\u00a0Accessed 24 Feb 2023"},{"key":"406_CR12","unstructured":"OpenStack Docs: TAP as a Service (TAPaaS). https:\/\/docs.openstack.org\/dragonflow\/latest\/specs\/tap_as_a_service.html. Accessed 24 Feb 2023"},{"key":"406_CR13","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-20615-4_12","volume-title":"Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","author":"P Krishnan","year":"2019","unstructured":"Krishnan P, Achuthan K (2019) CloudSDN: enabling SDN framework for security and threat analytics in cloud networks. In: Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 276. Springer, Cham. https:\/\/doi.org\/10.1007\/978-3-030-20615-4_12"},{"key":"406_CR14","unstructured":"Openstack liberty. https:\/\/www.openstack.org\/software\/liberty. Accessed 24 Feb 2023"},{"key":"406_CR15","unstructured":"OpenStack. DevStack. https:\/\/docs.openstack.org\/devstack\/latest\/. Accessed 24 Feb 2023"},{"key":"406_CR16","unstructured":"Urias VE, Van Leeuwen B, Stout WMS, Lin H. \"Applying a Threat model to Cloud Computing\" OSTI.gov, Sandia National Laboratories Albuquerque, New Mexico, https:\/\/www.osti.gov\/servlets\/purl\/1594657. Accessed 24 Feb 2023"},{"key":"406_CR17","unstructured":"Dragonflow- Distributed SDN Controller for OpenStack. https:\/\/www.openstack.org\/software\/releases\/ocata\/components\/dragonflow. Accessed 24 Feb 2023"},{"key":"406_CR18","unstructured":"OpenDaylight. https:\/\/www.opendaylight.org\/. Accessed 24 Feb 2023"},{"key":"406_CR19","unstructured":"networking-odl. http:\/\/events.linuxfoundation.org\/sites\/events\/files\/slides\/networking-odl.pdf. Accessed 24 Feb 2023"},{"key":"406_CR20","unstructured":"https:\/\/www.synopsys.com\/software-integrity\/resources\/analyst-reports\/open-source-security-risk-analysis.html?intcmp=sig-blog-ossra1. Accessed 24 Feb 2023"},{"key":"406_CR21","doi-asserted-by":"publisher","unstructured":"Thimmaraju K, Shastry B, Fiebig T, Hetzelt F, Seifert J-P, Feldmann A, Schmid S (2018) Taking Control of SDN-based Cloud Systems via the Data Plane. In Proceedings of the Symposium on SDN Research (SOSR '18). Association for Computing Machinery, New York, Article 1, 1\u201315. https:\/\/doi.org\/10.1145\/3185467.3185468","DOI":"10.1145\/3185467.3185468"},{"key":"406_CR22","unstructured":"OpenStack Security Guide. http:\/\/docs.openstack.org\/security-guide. Accessed 24 Feb 2023"},{"key":"406_CR23","doi-asserted-by":"crossref","unstructured":"Banikazemi M, Olshefski DP, Shaikh A, Tracey JM, Wang G (2013) Meridian: an SDN platform for cloud network services. IEEE Communications Magazine 51:120-127","DOI":"10.1109\/MCOM.2013.6461196"},{"key":"406_CR24","first-page":"657","volume-title":"International conference on advanced communication control and computing technologies","author":"P Patel","year":"2016","unstructured":"Patel P et al (2016) SDN and NFV integration in openstack cloud to improve network services and security. In: International conference on advanced communication control and computing technologies, pp 657\u2013658"},{"key":"406_CR25","doi-asserted-by":"publisher","unstructured":"Tissir N, El Kafhali S, Aboutabit N (2021) How much your cloud management platform is secure? OpenStack Use Case. https:\/\/doi.org\/10.1007\/978-3-030-66840-2_85","DOI":"10.1007\/978-3-030-66840-2_85"},{"key":"406_CR26","doi-asserted-by":"publisher","first-page":"423","DOI":"10.5220\/0009471304230429","volume-title":"International conference on cloud computing and services science (CLOSER)","author":"N Lane","year":"2020","unstructured":"Lane N, Koslovski G, Pillon M, Miers C, Gonzalez N (2020) Software-defined network security over openstack clouds: a systematic analysis. In: International conference on cloud computing and services science (CLOSER), pp 423\u2013429. https:\/\/doi.org\/10.5220\/0009471304230429"},{"key":"406_CR27","volume-title":"IEEE conference on network softwarization","author":"L Jacquin","year":"2015","unstructured":"Jacquin L, Shaw AL, Dalton C (2015) Towards trusted softwaredefined networks using a hardware-based integrity measurement architecture. In: IEEE conference on network softwarization"},{"key":"406_CR28","doi-asserted-by":"publisher","unstructured":"Liu G, Trotter M, Ren Y, Wood T (2016) NetAlytics: Cloud-Scale Application Performance Monitoring with SDN and NFV. In Proceedings of the 17th International Middleware Conference (Middleware '16). Association for Computing Machinery, New York, Article 8, 1\u201314. https:\/\/doi.org\/10.1145\/2988336.2988344","DOI":"10.1145\/2988336.2988344"},{"key":"406_CR29","first-page":"233","volume-title":"IFIP\/IEEE symposium on integrated network and service management","author":"S Jeong","year":"2019","unstructured":"Jeong S, Yoo J, Hong JW (2019) Design and implementation of virtual TAP for SDN-based OpenStack networking. In: IFIP\/IEEE symposium on integrated network and service management, pp 233\u2013241"},{"issue":"10","key":"406_CR30","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1109\/MCOM.2016.7588275","volume":"54","author":"F Callegati","year":"2016","unstructured":"Callegati F, Cerroni W, Contoli C, Cardone R, Nocentini M, Manzalini A (2016) SDN for dynamic NFV deployment. IEEE Commun Mag 54(10):89\u201395","journal-title":"IEEE Commun Mag"},{"key":"406_CR31","unstructured":"SONA: DC Network Virtualization, The Open Network Operating System (ONOS). https:\/\/wiki.onosproject.org\/display\/ONOS\/SONA%3A+DC+Network+Virtualization. Accessed 24 Feb 2023"},{"key":"406_CR32","first-page":"1","volume-title":"2017 IEEE 2nd international conference on big data analysis (ICBDA)","author":"Y Chi","year":"2017","unstructured":"Chi Y, Jiang T, Li X, Gao C (2017) Design and implementation of cloud platform intrusion prevention system based on SDN. In: 2017 IEEE 2nd international conference on big data analysis (ICBDA), pp 1\u20136"},{"key":"406_CR33","volume-title":"2018 IEEE international conference on communications (ICC)","author":"F Foresta","year":"2018","unstructured":"Foresta F et al (2018) Improving OpenStack networking: advantages and performance of native SDN integration. In: 2018 IEEE international conference on communications (ICC)"},{"key":"406_CR34","doi-asserted-by":"publisher","first-page":"450","DOI":"10.1109\/ICNC47757.2020.9049480","volume-title":"2020 international conference on computing, networking and communications (ICNC)","author":"C Xu","year":"2020","unstructured":"Xu C, Zhang R, Xie M, Yang L (2020) Network intrusion detection system as a service in OpenStack Cloud. In: 2020 international conference on computing, networking and communications (ICNC), pp 450\u2013455. https:\/\/doi.org\/10.1109\/ICNC47757.2020.9049480"},{"key":"406_CR35","doi-asserted-by":"publisher","first-page":"2297","DOI":"10.1016\/j.procs.2020.03.282","volume":"167","author":"KB Virupakshar","year":"2020","unstructured":"Virupakshar KB et al (2020) Distributed denial of service (DDoS) attacks detection system for OpenStack-based private cloud. Procedia Comput Sci 167:2297\u20132307","journal-title":"Procedia Comput Sci"},{"key":"406_CR36","doi-asserted-by":"crossref","unstructured":"Benet CH, et al (2017) \u201cOpenStackEmu \u2014 A cloud testbed combining network emulation with OpenStack and SDN.\u201d 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC), 566-568","DOI":"10.1109\/CCNC.2017.7983169"},{"key":"406_CR37","doi-asserted-by":"publisher","first-page":"475","DOI":"10.1109\/CCGrid.2015.87","volume-title":"IEE\/ACM international symposium on cluster, cloud and grid computing","author":"J Son","year":"2015","unstructured":"Son J, Dastjerdi AV, Calheiros RN, Ji X, Yoon Y, Buyya R (2015) CloudSimSDN: modeling and simulation of software-defined cloud data centers. In: IEE\/ACM international symposium on cluster, cloud and grid computing, pp 475\u2013484. https:\/\/doi.org\/10.1109\/CCGrid.2015.87"},{"key":"406_CR38","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1016\/j.comcom.2016.12.014","volume":"102, C","author":"A Malik","year":"2017","unstructured":"Malik A, Ahmed J, Qadir J, Ilyas MU (2017) A measurement study of open source SDN layers in OpenStack under network perturbation. Comput Commun 102, C:139\u2013149","journal-title":"Comput Commun"},{"key":"406_CR39","doi-asserted-by":"publisher","first-page":"157","DOI":"10.1109\/BigDataSecurity-HPSC-IDS49724.2020.00037","volume-title":"2020 IEEE 6th Intl conference on big data security on cloud (BigDataSecurity)","author":"J Li","year":"2020","unstructured":"Li J, Jiang H, Jiang W, Wu J, Du W (2020) SDN-based stateful firewall for cloud. In: 2020 IEEE 6th Intl conference on big data security on cloud (BigDataSecurity), pp 157\u2013161. https:\/\/doi.org\/10.1109\/BigDataSecurity-HPSC-IDS49724.2020.00037"},{"key":"406_CR40","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1109\/CLOUD.2016.0017","volume-title":"2016 IEEE 9th international conference on cloud computing (CLOUD)","author":"Y Luo","year":"2016","unstructured":"Luo Y, Luo W, Puyang T, Shen Q, Ruan A, Wu Z (2016) OpenStack security modules: a least-invasive access control framework for the cloud. In: 2016 IEEE 9th international conference on cloud computing (CLOUD), pp 51\u201358. https:\/\/doi.org\/10.1109\/CLOUD.2016.0017"},{"key":"406_CR41","doi-asserted-by":"crossref","unstructured":"Jin X, Krishnan R, Sandhu R (2014)\u00a0\u201cRole and attribute based collaborative administration of intra-tenant cloud IaaS.\u201d 10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, 261-274","DOI":"10.4108\/icst.collaboratecom.2014.257591"},{"key":"406_CR42","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-16-2094-2_12","volume-title":"Lecture notes in networks and systems","author":"XT Hoang","year":"2021","unstructured":"Hoang XT, Bui ND (2021) An Implementation of Firewall as a Service for OpenStack Virtualization Systems. ICISN 2021. In: Lecture notes in networks and systems, vol 243. Springer, Singapore. https:\/\/doi.org\/10.1007\/978-981-16-2094-2_12"},{"key":"406_CR43","doi-asserted-by":"publisher","first-page":"8292","DOI":"10.1109\/ACCESS.2018.2797214","volume":"6","author":"IH Abdulqadder","year":"2018","unstructured":"Abdulqadder IH, Zou D, Aziz IT, Yuan B, Li W (2018) SecSDN-cloud: defeating vulnerable attacks through secure software-defined networks. IEEE Access 6:8292\u20138301. https:\/\/doi.org\/10.1109\/ACCESS.2018.2797214","journal-title":"IEEE Access"},{"key":"406_CR44","doi-asserted-by":"publisher","first-page":"560","DOI":"10.1109\/CLOUD.2017.77","volume-title":"2017 IEEE international conference on cloud computing (CLOUD)","author":"B Benjamin","year":"2017","unstructured":"Benjamin B, Coffman J, Esiely-Barrera H, Farr K, Fichter D, Genin D, Glendenning L, Hamilton P, Harshavardhana S, Hom R, Poulos B, Reller N (2017) Data protection in OpenStack. In: 2017 IEEE international conference on cloud computing (CLOUD), pp 560\u2013567"},{"key":"406_CR45","doi-asserted-by":"publisher","first-page":"119346","DOI":"10.1109\/ACCESS.2020.3004258","volume":"8","author":"PT Dinh","year":"2020","unstructured":"Dinh PT, Park M (2020) ECSD: enhanced compromised switch detection in an SDN-based cloud through multivariate time-series analysis. IEEE Access 8:119346\u2013119360. https:\/\/doi.org\/10.1109\/ACCESS.2020.3004258","journal-title":"IEEE Access"},{"key":"406_CR46","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1109\/SCC.2016.57","volume-title":"2016 IEEE International Conference on Services Computing (SCC)","author":"X Du","year":"2016","unstructured":"Du X, Lv Z, Wu J, Wu C, Chen S (2016) PDSDN: a policy-driven SDN controller improving scheme for multi-tenant cloud datacenter environments. In: 2016 IEEE International Conference on Services Computing (SCC), pp 387\u2013394. https:\/\/doi.org\/10.1109\/SCC.2016.57"},{"key":"406_CR47","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1016\/j.comcom.2019.09.014","volume":"148","author":"P Krishnan","year":"2019","unstructured":"Krishnan P, Duttagupta S, Achuthan K (2019) VARMAN: multi-plane security framework for software-defined networks. Comput Commun 148:215\u2013239. https:\/\/doi.org\/10.1016\/j.comcom.2019.09.014","journal-title":"Comput Commun"},{"key":"406_CR48","doi-asserted-by":"publisher","first-page":"103196","DOI":"10.1016\/j.jnca.2021.103196","volume":"193","author":"P Krishnan","year":"2021","unstructured":"Krishnan P, Duttagupta S, Buyya R (2021) OpenPATH: application-aware high-performance software-defined switching framework. J Netw Comput Appl 193:103196, ISSN 1084-8045. https:\/\/doi.org\/10.1016\/j.jnca.2021.103196","journal-title":"J Netw Comput Appl"},{"key":"406_CR49","unstructured":"Real World threat modeling using the PASTA methodology. https:\/\/www.owasp.org\/images\/a\/aa\/AppSecEU2012_PASTA.pdf. Accessed 2 Jan 2022"},{"key":"406_CR50","unstructured":"Mininet. An instant virtual network on your laptop. http:\/\/mininet.org\/. Accessed 24 Feb 2023"},{"key":"406_CR51","doi-asserted-by":"publisher","first-page":"6087","DOI":"10.1109\/ACCESS.2019.2963449","volume":"8","author":"X Zhang","year":"2020","unstructured":"Zhang X, You J (2020) A gated dilated causal convolution based encoder-decoder for network traffic forecasting. IEEE Access 8:6087\u20136097. https:\/\/doi.org\/10.1109\/ACCESS.2019.2963449","journal-title":"IEEE Access"},{"key":"406_CR52","doi-asserted-by":"publisher","first-page":"497","DOI":"10.1007\/978-3-030-30490-4_40","volume-title":"International conference on artificial neural networks","author":"B Pf\u00fclb","year":"2019","unstructured":"Pf\u00fclb B, Hardegen C, Gepperth A, Rieger S (2019) A study of deep learning for network traffic data forecasting. In: International conference on artificial neural networks, pp 497\u2013512. https:\/\/doi.org\/10.1007\/978-3-030-30490-4_40"},{"key":"406_CR53","doi-asserted-by":"publisher","first-page":"629","DOI":"10.1016\/j.ins.2019.10.018","volume":"512","author":"SH Mousavi","year":"2020","unstructured":"Mousavi SH, Khansari M, Rahmani R (2020) A fully scalable big data framework for botnet detection based on network traffic analysis. Inf Sci 512:629\u2013640. https:\/\/doi.org\/10.1016\/j.ins.2019.10.018","journal-title":"Inf Sci"},{"key":"406_CR54","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-13-5826-5_7","volume-title":"SSCC 2018. Communications in computer and information science","author":"P Krishnan","year":"2019","unstructured":"Krishnan P, Achuthan K (2019) Managing network functions in stateful application-aware SDN, security in computing and communications. In: SSCC 2018. Communications in computer and information science, vol 969. Springer, Singapore. https:\/\/doi.org\/10.1007\/978-981-13-5826-5_7"},{"key":"406_CR55","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04843-2_32","volume-title":"Advances in computation and intelligence. ISICA 2009. Lecture notes in computer science","author":"W Lu","year":"2009","unstructured":"Lu W, Tong H (2009) Detecting network anomalies using CUSUM and EM clustering. In: Cai Z, Li Z, Kang Z, Liu Y (eds) Advances in computation and intelligence. ISICA 2009. Lecture notes in computer science, vol 5821. Springer, Berlin, Heidelberg. https:\/\/doi.org\/10.1007\/978-3-642-04843-2_32"},{"key":"406_CR56","unstructured":"networking-sfc. https:\/\/opendev.org\/openstack\/networking-sfc. Accessed 24 Feb 2023"},{"key":"406_CR57","unstructured":"Tavallae M, Bagheri E, Lu W, Ghorbani AA. Nsl-Kdd dataset.\u00a0http:\/\/www.unb.ca\/research\/iscx\/dataset\/iscx-NSL-KDD-dataset.html. Accessed 24 Feb 2023"},{"key":"406_CR58","doi-asserted-by":"crossref","unstructured":"Sharafaldin I, Lashkari AH, Ghorbani AA (2018)\u00a0\"Toward generating a new intrusion detection dataset and intrusion traffic characterization,\"\u00a0International Conference on Information Systems Security and Privacy, pp 108\u2013116","DOI":"10.5220\/0006639801080116"},{"key":"406_CR59","volume-title":"The hogzilla dataset","author":"PAA Resende","year":"2018","unstructured":"P.A.A. Resende, A.C. Drummond, The hogzilla dataset, http:\/\/ids-hogzilla.org\/dataset. 2018"},{"key":"406_CR60","volume-title":"CSE-CIC-IDS2018 on AWS","author":"University of New Brunswick","year":"2018","unstructured":"University of New Brunswick. CSE-CIC-IDS2018 on AWS. 2018. Available: https:\/\/www.unb.ca\/cic\/datasets\/ids-2018.html"},{"key":"406_CR61","volume-title":"DDoS evaluation dataset (CICDDoS2019)","author":"University of New Brunswick","year":"2019","unstructured":"University of New Brunswick (2019) DDoS evaluation dataset (CICDDoS2019). unb.ca Available: https:\/\/www.unb.ca\/cic\/datasets\/ddos-2019.html"},{"key":"406_CR62","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1145\/3314148.3314352","volume-title":"Proceedings of the 2019 ACM symposium on SDN research","author":"HH Hamza","year":"2019","unstructured":"Hamza HH, Gharakheili TA, Benson, Sivaraman V (2019) Detecting volumetric attacks on lot devices via sdn-based monitoring of mud activity. In: Proceedings of the 2019 ACM symposium on SDN research, pp 36\u201348"},{"key":"406_CR63","unstructured":"OpenStack Tempest. https:\/\/github.com\/openstack\/tempest. Accessed 24 Feb 2023"},{"key":"406_CR64","volume-title":"OF-Config and OVSDB in IEEE ICCE 2014 (July 2014)","author":"M Brandt","year":"2014","unstructured":"Brandt M et al (2014) Security analysis of software defined networking protocols OpenFlow. In: OF-Config and OVSDB in IEEE ICCE 2014 (July 2014)"},{"key":"406_CR65","doi-asserted-by":"publisher","unstructured":"Tasch M, Khondoker R, Marx R, Bayarou K (2014) Security Analysis of Security Applications for Software Defined Networks. In Proceedings of the 10th Asian Internet Engineering Conference (AINTEC '14). Association for Computing Machinery, New York, 23\u201330. https:\/\/doi.org\/10.1145\/2684793.2684797","DOI":"10.1145\/2684793.2684797"},{"key":"406_CR66","unstructured":"Ring M, Wunderlich S, Gr\u00fcdl D, Landes D, Hotho A (2017) Flow-based benchmark data sets for intrusion detection. Proceedings of the 16th European Conference on Cyber Warfare and Security, p 361\u2013369"},{"key":"406_CR67","first-page":"599","volume-title":"2004 IEEE\/IFIP network operations and management symposium (IEEE Cat. No. 04CH37507)","author":"M Kim","year":"2004","unstructured":"Kim M, Kong H, Hong S, Chung S, Hong JW (2004) A flow-based method for abnormal network traffic detection. In: 2004 IEEE\/IFIP network operations and management symposium (IEEE Cat. No. 04CH37507), vol 1, pp 599\u2013612"},{"key":"406_CR68","doi-asserted-by":"publisher","first-page":"2042","DOI":"10.1016\/j.asoc.2010.07.002","volume":"11","author":"E Corchado","year":"2011","unstructured":"Corchado E, Herrero \u00c1 (2011) Neural visualization of network traffic data for intrusion detection. Appl Soft Comput 11:2042\u20132056. https:\/\/doi.org\/10.1016\/j.asoc.2010.07.002","journal-title":"Appl Soft Comput"},{"key":"406_CR69","unstructured":"CVE security vulnerability database. Security vulnerabilities, exploits, references, and more. https:\/\/www.cvedetails.com\/. Accessed 24 Feb 2023"}],"container-title":["Journal of Cloud Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s13677-023-00406-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s13677-023-00406-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s13677-023-00406-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,3,2]],"date-time":"2023-03-02T11:36:55Z","timestamp":1677757015000},"score":1,"resource":{"primary":{"URL":"https:\/\/journalofcloudcomputing.springeropen.com\/articles\/10.1186\/s13677-023-00406-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,2,28]]},"references-count":69,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2023,12]]}},"alternative-id":["406"],"URL":"https:\/\/doi.org\/10.1186\/s13677-023-00406-w","relation":{},"ISSN":["2192-113X"],"issn-type":[{"value":"2192-113X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,2,28]]},"assertion":[{"value":"24 June 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 February 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 February 2023","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"26"}}