Publication Date

Spring 2017

Degree Type


Degree Name

Master of Science (MS)


Computer Engineering


Younghee Park


Intelligent threat response, Network intrusion detection, Reinforcement learning, Software-defined networks

Subject Areas

Computer engineering


Software-defined networks decouple the control plane from the data plane, enabling researchers to evaluate protocols and network configurations through the centralized point of control, the controller. They provide easy management and automation, scalability, and flexibility in the traditional computer network. In spite of these advantages, software-defined networks fall prey to various denial-of-service attacks specific to network protocols and applications despite their simplicity. There is a need to implement intelligence in the controller as a countermeasure for not only the various types of denial-of-service attacks but also the increasing sophistication involved in them. In this paper, an intelligent threat-aware response system is proposed for defending against any attack by using reinforcement learning. Reinforcement learning can acquire intelligence for detection and reactive actions through experience with various attacks. This experience is obtained from interactions with the computer network through the controller. With the combination of reinforcement learning and the software-defined networking controller, the goal of the autonomous threat response system can be achieved.