Towards an SDN-enabled IDS environment

Security-related monitoring in high-speed backbone networks is still a challenging task, since the amount of data to process increases continuously. Thus, new approaches need to be investigated to detect and handle attacks in high-speed environments in order to protect the underlying access lines. We therefore introduce a new approach for redirecting suspicious traffic that takes advantage of the properties of OpenFlow in an SDN environment. With it, we are able to redirect identified suspicious traffic to various IDSs for further inspection in a dynamic and adaptive way. Our solution is able to drop bogus traffic as well as forward DDoS-related traffic to a DDoS washing machine. Furthermore, it is able to cope with privacy concerns, because only traffic that is marked as suspicious and cannot be processed on-site is redirected to cloud security providers.