Flexible Network-Based Intrusion Detection and Prevention System on Software-Defined Networks

Software-defined networking (SDN) has recently generated considerable interest among researchers as a next generation network architecture that can overcome the limitations of the traditional network. Intrusion detection and prevention system (IDPS) can leverage the SDN approach to achieve lots of great benefits. The specialized hardware or software for network monitoring can be replaced by OpenFlow switches which might reduce the cost and decrease the latency of the whole IDPS system. SDN also enables the automatic response of the IDPS in case of intrusion detection. Besides, the administrator tasks can be much simpler and efficient thanks to the advantages of SDN. In this paper, we propose a network-based IDPS relying on SDN approach and carry out some typical experiments to evaluate its performance against Denial of Service and Probe attack.