Title :
SnortFlow: A OpenFlow-Based Intrusion Prevention System in Cloud Environment
Author :
Tianyi Xing ; Dijiang Huang ; Le Xu ; Chun-Jen Chung ; Khatkar, Pankaj
Author_Institution :
Arizona State Univ., Tempe, AZ, USA
Abstract :
Security has been one of the top concerns in clouds. It is challenging to construct a secure networking environment in clouds because the cloud is usually a hybrid networking system containing both physical and virtually overlaid networks. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) have been widely deployed to manipulate cloud security, with the latter providing additional prevention capabilities. This paper investigates into an OpenFlow and Snort based IPS called "SnortFlow", in which it enables the cloud system to detect intrusions and deploy countermeasures by reconfiguring the cloud networking system on-the-fly. The evaluation results demonstrate the feasibility of SnortFlow and provide the guidance for the future work.
Keywords :
cloud computing; overlay networks; security of data; IDS; IPS; OpenFlow-based intrusion prevention system; SnortFlow; cloud computing; cloud networking system on-the-fly; cloud security; hybrid networking system; intrusion detection systems; physical overlaid networks; secure networking environment; virtually overlaid networks; Cloud computing; Computer architecture; Intrusion detection; Monitoring; Performance evaluation; Servers;
Conference_Titel :
Research and Educational Experiment Workshop (GREE), 2013 Second GENI
Conference_Location :
Salt Lake City, UT
DOI :
10.1109/GREE.2013.25
