Implementation of SDN based network intrusion detection and prevention system

Pin Jui Chen, Yen Wen Chen

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

14 Scopus citations

Abstract

In recent years, the rise of software-defined networks (SDN) have made network control more flexible, easier to set up and manage, and have provided a stronger ability to adapt to the changing demands of application development and network conditions. The network becomes easier to maintain, but also achieves improved security as a result of SDN. The architecture of SDN is designed for Control Plane and Forwarding Plane separation and uses open APIs to realize programmable control. SDN allows for the importing of third-party applications to improve network service, or even provide a new network service. In this paper, we present a defense mechanism, which can find attack packets previously identified through the Sniffer function, and once the abnormal flow is found, the protection mechanism of the Firewall function will be activated. For the capture of the packets, available libraries will be used to determine the properties and contents of the malicious packet, and to anticipate any possible attacks. Through the prediction of all latent malicious behaviors, our new defense algorithm can prevent potential losses like system failures or crashes and reduce the risk of being attacked.

Original languageEnglish
Title of host publicationICCST 2015 - The 49th Annual IEEE International Carnahan Conference on Security Technology
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages141-146
Number of pages6
ISBN (Electronic)9781479986910
DOIs
StatePublished - 21 Jan 2016
Event49th Annual IEEE International Carnahan Conference on Security Technology, ICCST 2015 - Taipei, Taiwan
Duration: 21 Sep 201524 Sep 2015

Publication series

NameProceedings - International Carnahan Conference on Security Technology
Volume2015-January
ISSN (Print)1071-6572

Conference

Conference49th Annual IEEE International Carnahan Conference on Security Technology, ICCST 2015
Country/TerritoryTaiwan
CityTaipei
Period21/09/1524/09/15

Keywords

  • Controller
  • Defense Mechanism
  • Firewall
  • OpenFlow
  • Packet Sniffer
  • SDN
  • Software Defined Networks

Fingerprint

Dive into the research topics of 'Implementation of SDN based network intrusion detection and prevention system'. Together they form a unique fingerprint.

Cite this