DFIPS: Toward distributed flexible intrusion prevention system in software defined network

Xuesong Jia, Danni Ren, Yitao Yang, Huakang Li, Guozi Sun

Research output: Chapter in Book or Report/Conference proceedingConference Proceedingpeer-review

1 Citation (Scopus)

Abstract

With the evolution of the innovative software defined network (SDN), security issues have been taken into consideration. Intrusion prevention system (IPS) has widely deployed as a crucial measure in traditional network architecture to protect network from malignity. In spite of good capability of protection, IPS is still complained in many aspects, such as fixed deployment, single-point-detection and low utilization rate. In this paper, we propose a distributed flexible intrusion prevention system in software defined network (DFIPS). Our proposed DFIPS has three main modules: a classifier, a detector pool and a control agent. The classifier is in charge of slicing traffic. The detector pool then generates several detector nodes for detecting. The control agent interacts with the classifier and the detector pool, as well as higher level SDN controller APPs and OpenFlow switches. DFIPS integrating with SDN controller can easily achieve good load balancing among DFIPSs without repetitive deployment. We evaluate the two forms of DFIPS interaction and latency to show the advantage of DFIPS. In future, we would implement a more comprehensive DFIPS emulation to prove feasibility. We believe that the proposed DFIPS will be adapted in real networks eventually.

Original languageEnglish
Title of host publicationProceedings - SEKE 2016
Subtitle of host publication28th International Conference on Software Engineering and Knowledge Engineering
PublisherKnowledge Systems Institute Graduate School
Pages124-127
Number of pages4
ISBN (Electronic)189170639X, 9781891706394
DOIs
Publication statusPublished - 2016
Externally publishedYes
Event28th International Conference on Software Engineering and Knowledge Engineering, SEKE 2016 - Redwood City, United States
Duration: 1 Jul 20163 Jul 2016

Publication series

NameProceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE
Volume2016-January
ISSN (Print)2325-9000
ISSN (Electronic)2325-9086

Conference

Conference28th International Conference on Software Engineering and Knowledge Engineering, SEKE 2016
Country/TerritoryUnited States
CityRedwood City
Period1/07/163/07/16

Keywords

  • Intrusion prevention system (IPS)
  • OpenFlow
  • Software defined network (SDN)

Cite this