SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds

Tianyi Xing, Zhengyang Xiong, Dijiang Huang, Deep Medhi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

40 Scopus citations

Abstract

Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.

Original languageEnglish (US)
Title of host publicationProceedings of the 10th International Conference on Network and Service Management, CNSM 2014
EditorsDanny Raz, Michele Nogueira, Edmundo Roberto Mauro Madeira, Brendan Jennings, Lisandro Zambenedetti Granville, Luciano Paschoal Gaspary
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages308-311
Number of pages4
ISBN (Electronic)9783901882661
DOIs
StatePublished - Jan 16 2014
Event10th International Conference on Network and Service Management, CNSM 2014 - Rio de Janeiro, Brazil
Duration: Nov 17 2014Nov 21 2014

Publication series

NameProceedings of the 10th International Conference on Network and Service Management, CNSM 2014

Other

Other10th International Conference on Network and Service Management, CNSM 2014
CountryBrazil
CityRio de Janeiro
Period11/17/1411/21/14

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds'. Together they form a unique fingerprint.

  • Cite this

    Xing, T., Xiong, Z., Huang, D., & Medhi, D. (2014). SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds. In D. Raz, M. Nogueira, E. R. M. Madeira, B. Jennings, L. Z. Granville, & L. P. Gaspary (Eds.), Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014 (pp. 308-311). [7014181] (Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CNSM.2014.7014181