SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds

Tianyi Xing; Zhengyang Xiong; Dijiang Huang; Deep Medhi

doi:10.1109/CNSM.2014.7014181

SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds

Tianyi Xing, Zhengyang Xiong, Dijiang Huang, Deep Medhi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

40 Scopus citations

Abstract

Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.

Original language	English (US)
Title of host publication	Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014
Editors	Danny Raz, Michele Nogueira, Edmundo Roberto Mauro Madeira, Brendan Jennings, Lisandro Zambenedetti Granville, Luciano Paschoal Gaspary
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	308-311
Number of pages	4
ISBN (Electronic)	9783901882661
DOIs	https://doi.org/10.1109/CNSM.2014.7014181
State	Published - Jan 16 2014
Event	10th International Conference on Network and Service Management, CNSM 2014 - Rio de Janeiro, Brazil Duration: Nov 17 2014 → Nov 21 2014

Publication series

Name	Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014

Other

Other	10th International Conference on Network and Service Management, CNSM 2014
Country	Brazil
City	Rio de Janeiro
Period	11/17/14 → 11/21/14

ASJC Scopus subject areas

Computer Networks and Communications

Access to Document

10.1109/CNSM.2014.7014181

Fingerprint Dive into the research topics of 'SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds'. Together they form a unique fingerprint.

Cite this

Xing, T., Xiong, Z., Huang, D., & Medhi, D. (2014). SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds. In D. Raz, M. Nogueira, E. R. M. Madeira, B. Jennings, L. Z. Granville, & L. P. Gaspary (Eds.), Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014 (pp. 308-311). [7014181] (Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CNSM.2014.7014181

SDNIPS : Enabling Software-Defined Networking based intrusion prevention system in clouds. / Xing, Tianyi; Xiong, Zhengyang; Huang, Dijiang; Medhi, Deep.

Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014. ed. / Danny Raz; Michele Nogueira; Edmundo Roberto Mauro Madeira; Brendan Jennings; Lisandro Zambenedetti Granville; Luciano Paschoal Gaspary. Institute of Electrical and Electronics Engineers Inc., 2014. p. 308-311 7014181 (Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Xing, T, Xiong, Z, Huang, D & Medhi, D 2014, SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds. in D Raz, M Nogueira, ERM Madeira, B Jennings, LZ Granville & LP Gaspary (eds), Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014., 7014181, Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014, Institute of Electrical and Electronics Engineers Inc., pp. 308-311, 10th International Conference on Network and Service Management, CNSM 2014, Rio de Janeiro, Brazil, 11/17/14. https://doi.org/10.1109/CNSM.2014.7014181

Xing T, Xiong Z, Huang D, Medhi D. SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds. In Raz D, Nogueira M, Madeira ERM, Jennings B, Granville LZ, Gaspary LP, editors, Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014. Institute of Electrical and Electronics Engineers Inc. 2014. p. 308-311. 7014181. (Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014). https://doi.org/10.1109/CNSM.2014.7014181

Xing, Tianyi ; Xiong, Zhengyang ; Huang, Dijiang ; Medhi, Deep. / SDNIPS : Enabling Software-Defined Networking based intrusion prevention system in clouds. Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014. editor / Danny Raz ; Michele Nogueira ; Edmundo Roberto Mauro Madeira ; Brendan Jennings ; Lisandro Zambenedetti Granville ; Luciano Paschoal Gaspary. Institute of Electrical and Electronics Engineers Inc., 2014. pp. 308-311 (Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014).

@inproceedings{85ed928ce7154624be2eea169e27cdc5,

title = "SDNIPS: Enabling Software-Defined Networking based intrusion prevention system in clouds",

abstract = "Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.",

author = "Tianyi Xing and Zhengyang Xiong and Dijiang Huang and Deep Medhi",

year = "2014",

month = jan,

day = "16",

doi = "10.1109/CNSM.2014.7014181",

language = "English (US)",

series = "Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "308--311",

editor = "Danny Raz and Michele Nogueira and Madeira, {Edmundo Roberto Mauro} and Brendan Jennings and Granville, {Lisandro Zambenedetti} and Gaspary, {Luciano Paschoal}",

booktitle = "Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014",

note = "10th International Conference on Network and Service Management, CNSM 2014 ; Conference date: 17-11-2014 Through 21-11-2014",

}

TY - GEN

T1 - SDNIPS

T2 - 10th International Conference on Network and Service Management, CNSM 2014

AU - Xing, Tianyi

AU - Xiong, Zhengyang

AU - Huang, Dijiang

AU - Medhi, Deep

PY - 2014/1/16

Y1 - 2014/1/16

N2 - Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.

AB - Security has been considered as one of the top concerns in clouds. Intrusion Detection and Prevention Systems (IDPS) have been widely deployed to enhance the cloud security. Using Software-Defined Networking (SDN) approaches to enhance the system security in clouds has been recently presented in [1], [2]. However, none of existing works established a comprehensive IPS solution to reconfigure the cloud networking environment on-the-fly to counter malicious attacks. In this paper, we present an SDN-based IPS solution called SDNIPS that is a full lifecycle solution including detection and prevention in the cloud. We propose a new IDPS architecture based on Snort-based IDS and Open vSwitch (OVS). We also compare the SDN-based IPS solution with the traditional IPS approach from both mechanism analysis and evaluation. Network Reconfiguration (NR) features are designed and implemented based on the POX controller to enhance the prevention flexibility. Finally, evaluations of SDNIPS demonstrate its feasibility and efficiency over traditional approaches.

UR - http://www.scopus.com/inward/record.url?scp=84922792143&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84922792143&partnerID=8YFLogxK

U2 - 10.1109/CNSM.2014.7014181

DO - 10.1109/CNSM.2014.7014181

M3 - Conference contribution

AN - SCOPUS:84922792143

T3 - Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014

SP - 308

EP - 311

BT - Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014

A2 - Raz, Danny

A2 - Nogueira, Michele

A2 - Madeira, Edmundo Roberto Mauro

A2 - Jennings, Brendan

A2 - Granville, Lisandro Zambenedetti

A2 - Gaspary, Luciano Paschoal

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 17 November 2014 through 21 November 2014

ER -