TY - GEN
T1 - SDNIPS
T2 - 10th International Conference on Network and Service Management, CNSM 2014
AU - Xing, Tianyi
AU - Xiong, Zhengyang
AU - Huang, Dijiang
AU - Medhi, Deep
N1 - Publisher Copyright:
© 2014 IFIP.
Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.
PY - 2014/1/16
Y1 - 2014/1/16
N2 - Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.
AB - Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.
UR - http://www.scopus.com/inward/record.url?scp=84922792143&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84922792143&partnerID=8YFLogxK
U2 - 10.1109/CNSM.2014.7014181
DO - 10.1109/CNSM.2014.7014181
M3 - Conference contribution
AN - SCOPUS:84922792143
T3 - Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014
SP - 308
EP - 311
BT - Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014
A2 - Raz, Danny
A2 - Nogueira, Michele
A2 - Madeira, Edmundo Roberto Mauro
A2 - Jennings, Brendan
A2 - Granville, Lisandro Zambenedetti
A2 - Gaspary, Luciano Paschoal
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 17 November 2014 through 21 November 2014
ER -