Cyber Defense Framework for Software-Defined Tactical Networks

This technical report presents a comprehensive framework aimed at enhancing the security of Software-defined Tactical Networks (SDTNs) against cyber threats. It introduces three distinct agents: the Cyber Attack Agent (CAA), the Cyber Defense Agent (CDA), and the Network Manipulation Agent (NMA). The CAA simulates various cyber attacks, including network reconnaissance and Distributed Denial-of-Service (DDOS) attacks, to evaluate the effectiveness of the CDA. The CDA employs either a threshold-based mechanism or a machine learning model for anomaly detection and response. The NMA supports the CDA by modifying network conditions to test its resilience. The framework's effectiveness is assessed across multiple network topologies, analyzing metrics such as anomaly detection accuracy and attack efficiency. Additionally, the report discusses the challenges of integrating SDN into tactical networks, including vulnerabilities and management overhead, and proposes strategies for rapid identification and mitigation of abnormal activities to ensure network functionality.