Tianyi Xing, Zhengyang Xiong, Dijiang Huang, D. Medhi
{"title":"SDNIPS:支持基于软件定义网络的云入侵防御系统","authors":"Tianyi Xing, Zhengyang Xiong, Dijiang Huang, D. Medhi","doi":"10.1109/CNSM.2014.7014181","DOIUrl":null,"url":null,"abstract":"Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.","PeriodicalId":268334,"journal":{"name":"10th International Conference on Network and Service Management (CNSM) and Workshop","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"72","resultStr":"{\"title\":\"SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds\",\"authors\":\"Tianyi Xing, Zhengyang Xiong, Dijiang Huang, D. Medhi\",\"doi\":\"10.1109/CNSM.2014.7014181\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.\",\"PeriodicalId\":268334,\"journal\":{\"name\":\"10th International Conference on Network and Service Management (CNSM) and Workshop\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-01-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"72\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"10th International Conference on Network and Service Management (CNSM) and Workshop\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CNSM.2014.7014181\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"10th International Conference on Network and Service Management (CNSM) and Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CNSM.2014.7014181","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds
Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
