DocumentCode
3735316
Title
Implementation of SDN based network intrusion detection and prevention system
Author
Pin-Jui Chen;Yen-Wen Chen
Author_Institution
Department of Communication Engineering, National Central University, Taiwan
fYear
2015
Firstpage
141
Lastpage
146
Abstract
In recent years, the rise of software-defined networks (SDN) have made network control more flexible, easier to set up and manage, and have provided a stronger ability to adapt to the changing demands of application development and network conditions. The network becomes easier to maintain, but also achieves improved security as a result of SDN. The architecture of SDN is designed for Control Plane and Forwarding Plane separation and uses open APIs to realize programmable control. SDN allows for the importing of third-party applications to improve network service, or even provide a new network service. In this paper, we present a defense mechanism, which can find attack packets previously identified through the Sniffer function, and once the abnormal flow is found, the protection mechanism of the Firewall function will be activated. For the capture of the packets, available libraries will be used to determine the properties and contents of the malicious packet, and to anticipate any possible attacks. Through the prediction of all latent malicious behaviors, our new defense algorithm can prevent potential losses like system failures or crashes and reduce the risk of being attacked.
Keywords
"Ports (Computers)","Operating systems","Firewalls (computing)","Control systems","Routing"
Publisher
ieee
Conference_Titel
Security Technology (ICCST), 2015 International Carnahan Conference on
Print_ISBN
978-1-4799-8690-3
Electronic_ISBN
2153-0742
Type
conf
DOI
10.1109/CCST.2015.7389672
Filename
7389672
Link To Document