DFIPS: Toward Distributed Flexible Intrusion Prevention System in Software Defined Network

Xuesong Jia, Danni Ren, Yitao Yang, Huakang Li, Guozi Sun
2016 Proceedings of the 28th International Conference on Software Engineering and Knowledge Engineering  
With the evolution of the innovative software defined network (SDN), security issues have been taken into consideration. Intrusion prevention system (IPS) has widely deployed as a crucial measure in traditional network architecture to protect network from malignity. In spite of good capability of protection, IPS is still complained in many aspects, such as fixed deployment, single-point-detection and low utilization rate. In this paper, we propose a distributed flexible intrusion prevention
more » ... em in software defined network (DFIPS). Our proposed DFIPS has three main modules: a classifier, a detector pool and a control agent. The classifier is in charge of slicing traffic. The detector pool then generates several detector nodes for detecting. The control agent interacts with the classifier and the detector pool, as well as higher level SDN controller APPs and OpenFlow switches. DFIPS integrating with SDN controller can easily achieve good load balancing among DFIPSs without repetitive deployment. We evaluate the two forms of DFIPS interaction and latency to show the advantage of DFIPS. In future, we would implement a more comprehensive DFIPS emulation to prove feasibility. We believe that the proposed DFIPS will be adapted in real networks eventually.
doi:10.18293/seke2016-139 dblp:conf/seke/JiaRYLS16 fatcat:gzngq3bnwvf3hhiuu64k2kjjpy