TY - GEN
T1 - DFIPS
T2 - 28th International Conference on Software Engineering and Knowledge Engineering, SEKE 2016
AU - Jia, Xuesong
AU - Ren, Danni
AU - Yang, Yitao
AU - Li, Huakang
AU - Sun, Guozi
N1 - Publisher Copyright:
Copyright © 2016 by KSI Research Inc. and Knowledge Systems Institute Graduate School.
PY - 2016
Y1 - 2016
N2 - With the evolution of the innovative software defined network (SDN), security issues have been taken into consideration. Intrusion prevention system (IPS) has widely deployed as a crucial measure in traditional network architecture to protect network from malignity. In spite of good capability of protection, IPS is still complained in many aspects, such as fixed deployment, single-point-detection and low utilization rate. In this paper, we propose a distributed flexible intrusion prevention system in software defined network (DFIPS). Our proposed DFIPS has three main modules: a classifier, a detector pool and a control agent. The classifier is in charge of slicing traffic. The detector pool then generates several detector nodes for detecting. The control agent interacts with the classifier and the detector pool, as well as higher level SDN controller APPs and OpenFlow switches. DFIPS integrating with SDN controller can easily achieve good load balancing among DFIPSs without repetitive deployment. We evaluate the two forms of DFIPS interaction and latency to show the advantage of DFIPS. In future, we would implement a more comprehensive DFIPS emulation to prove feasibility. We believe that the proposed DFIPS will be adapted in real networks eventually.
AB - With the evolution of the innovative software defined network (SDN), security issues have been taken into consideration. Intrusion prevention system (IPS) has widely deployed as a crucial measure in traditional network architecture to protect network from malignity. In spite of good capability of protection, IPS is still complained in many aspects, such as fixed deployment, single-point-detection and low utilization rate. In this paper, we propose a distributed flexible intrusion prevention system in software defined network (DFIPS). Our proposed DFIPS has three main modules: a classifier, a detector pool and a control agent. The classifier is in charge of slicing traffic. The detector pool then generates several detector nodes for detecting. The control agent interacts with the classifier and the detector pool, as well as higher level SDN controller APPs and OpenFlow switches. DFIPS integrating with SDN controller can easily achieve good load balancing among DFIPSs without repetitive deployment. We evaluate the two forms of DFIPS interaction and latency to show the advantage of DFIPS. In future, we would implement a more comprehensive DFIPS emulation to prove feasibility. We believe that the proposed DFIPS will be adapted in real networks eventually.
KW - Intrusion prevention system (IPS)
KW - OpenFlow
KW - Software defined network (SDN)
UR - http://www.scopus.com/inward/record.url?scp=84988358004&partnerID=8YFLogxK
U2 - 10.18293/SEKE2016-139
DO - 10.18293/SEKE2016-139
M3 - Conference Proceeding
AN - SCOPUS:84988358004
T3 - Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE
SP - 124
EP - 127
BT - Proceedings - SEKE 2016
PB - Knowledge Systems Institute Graduate School
Y2 - 1 July 2016 through 3 July 2016
ER -