Title :
Deployment of Intrusion Prevention System based on Software Defined Networking
Author :
Lei Zhang ; Guochu Shou ; Yihong Hu ; Zhigang Guo
Author_Institution :
Sch. of Inf. & Commun. Eng., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
The development of the mobile Internet brought about by the thriving mobile intelligent terminals has made it possible to access to the Internet anytime and anywhere. While people enjoy the convenience, they also suffer from a series of security threats caused by cyber-attacks. IPS brings reliability and security in a network system and is regarded as one of the most popular security devices. However, the conventional IPS deployment often has some limitations, and the deployment and maintenance costs are expensive, the utilization rate is low. In order to solve these issues, an SDN-based IPS deployment is presented in this paper, which supports a unified scheduling of security applications in the whole network and load balancing among IPSs. In addition, this paper builds a test-bed and shows evaluation results. As the results, It is confirmed that the proposed scheme can achieve a shorter time for ping after the first ping and that with the load balancing, the network latency is significantly reduced.
Keywords :
Internet; computer network security; resource allocation; scheduling; SDN-based IPS deployment; cyber-attacks; intrusion prevention system; load balancing; mobile Internet; mobile intelligent terminals; security applications; security devices; security threats; software defined networking; unified scheduling; Computer architecture; Internet; Load management; Security; Servers; Switches; Intrusion Prevention System(IPS); SDN/OpenFlow; load balancing; network security;
Conference_Titel :
Communication Technology (ICCT), 2013 15th IEEE International Conference on
Conference_Location :
Guilin
DOI :
10.1109/ICCT.2013.6820345
