Intrusion Detection System based on Software Defined Network Firewall

Software Defined Network is an architecture that focuses on the separation of control plane and data plane in order to make networks programmable and scalable. Currently Openflow is the most widely used SDN protocol. It has provided flexibility to the networking environment and had made it simpler and easy to optimize. SDN is a major area of research however; in the current scenario the field of security is relatively under exploited. The paper describes an intrusion detection mechanism for Openflow based Software defined networks. The study focuses on developing a packet filtering firewall over a Software Defined Network controller namely Floodlight and the application of association rules to find the patterns among the data passing through the firewall. The patterns recorded serve as the motivation behind the development of an Anomaly based intrusion detection mechanism.