Design of network intrusion prevention system based on SDN

Cited by: 0
Authors
Gong J. [1]
Jin L. [1]
Affiliation
[1] School of Computer Science and Engineering, Southeast University, Nanjing
Source
Year 2016 / Volume Huazhong University of Science and Technology / Issue 44
Keywords
Botnet; Intrusion prevention; OpenFlow flow entries; Packet capture; Software define network (SDN);
DOI
10.13245/j.hust.161101
Abstract
To address the high cost and poor adaptability of traditional firewalls and intrusion prevention devices in network attack prevention, intrusion prevention rules were designed based on the OpenFlow protocol, achieving filtration of attack traffic and flexible control over the intrusion prevention process. The performance of generating OpenFlow flow entries from intrusion prevention rules was analyzed and measured. Using an OpenFlow switch (H3C S6300), the effects of the number of OpenFlow flow entries and of OpenFlow packets per second (OpenFlow PPS) were measured in the production environment. It was found that OpenFlow PPS plays the decisive role in OpenFlow Channel performance: as OpenFlow PPS increases, OpenFlow Channel performance declines sharply and response time grows exponentially. Finally, a network intrusion prevention system based on SDN was designed and implemented, achieving intrusion prevention and packet capture and demonstrating the feasibility of using SDN technology to build an intrusion prevention system. © 2016, Editorial Board of Journal of Huazhong University of Science and Technology. All rights reserved.
Pages: 1 / 6
Page count: 5
Related papers
9 in total
  • [1] OpenDaylight
  • [2] Paxson V., The bro network security monitor
  • [3] Build SDN agilely
  • [4] The OpenFlow switch specification
  • [5] Natarajan S., Huang X., Wolf T., Efficient conflict detection in flow-based virtualized networks, Computing, Networking and Communications (ICNC), pp. 690-696, (2012)
  • [6] Qazi Z.A., Tu C.C., Chiang L., et al., SIMPLE-fying middlebox policy enforcement using SDN, ACM SIGCOMM Computer Communication Review, 43, 4, pp. 27-38, (2013)
  • [7] Handigol N., Seetharaman S., Flajslik M., et al., Plug-n-Serve: load-balancing web traffic using OpenFlow, ACM SIGCOMM Demo, 4, 5, pp. 6-13, (2009)
  • [8] Wang P., Sparks S., Zou C.C., An advanced hybrid peer-to-peer botnet, IEEE Transactions on Dependable and Secure Computing, 7, 2, pp. 113-143, (2010)
  • [9] Hoque N., Bhattacharyya D.K., Kalita J.K., Botnet in ddos attacks: trends and challenges, IEEE Communications Surveys and Tutorials, 17, 4, pp. 2242-2270, (2015)