Title :
SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds
Author :
Tianyi Xing ; Zhengyang Xiong ; Dijiang Huang ; Medhi, Deep
Author_Institution :
Arizona State Univ., Tempe, AZ, USA
Abstract :
Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.
Keywords :
cloud computing; security of data; software defined networking; IDPS architecture; NR features; OVS; Open vSwitch; POX controller; SDN-based IPS solution; SDNIPS; Snort-based IDS; cloud networking environment; cloud security; intrusion detection systems; intrusion prevention system; malicious attacks; mechanism analysis; network reconfiguration; software defined networking; system security; Filtering; Floods; Kernel; Quality of service; Switches;
Conference_Titel :
Network and Service Management (CNSM), 2014 10th International Conference on
Conference_Location :
Rio de Janeiro
DOI :
10.1109/CNSM.2014.7014181
