Title :
Scalable network intrusion detection on virtual SDN environment
Author :
Chiwook Jeong ; Taejin Ha ; Narantuya, Jargalsaikhan ; Hyuk Lim ; JongWon Kim
Author_Institution :
Sch. of Inf. & Commun., Gwangju Inst. of Sci. & Technol. (GIST), Gwangju, South Korea
Abstract :
We propose a scalable intrusion detection system (IDS) architecture on a software-defined networking (SDN) environment implemented using a virtualization infrastructure called a Kernel-based Virtual Machine (KVM). In this virtual environment, virtual machines running IDSs, the SDN controller, and network attack software are connected with each other through OpenFlow-enabled software switches. This paper focuses on distributed traffic sampling at network switches for malicious traffic inspection. The network topology and the IDS configuration are visualized through a web graphical user interface.
Keywords :
Internet; graphical user interfaces; security of data; software architecture; virtual machines; virtualisation; IDS architecture; KVM; OpenFlow-enabled software switches; Web graphical user interface; distributed traffic sampling; kernel-based virtual machine; malicious traffic inspection; scalable network intrusion detection; software-defined networking; virtual SDN environment; virtualization infrastructure; Computer architecture; Graphical user interfaces; Inspection; Intrusion detection; Software; Virtual machining; Software defined networking; intrusion detection system; security;
Conference_Titel :
Cloud Networking (CloudNet), 2014 IEEE 3rd International Conference on
Conference_Location :
Luxembourg
DOI :
10.1109/CloudNet.2014.6969003
