Abstract
Security processing of the huge amounts of traffic from core network components remains a challenging task, since the amount of data increases continuously. New approaches are therefore needed to detect and handle attacks directly in high-speed environments. In this PhD research, we will develop a new approach for detecting network attacks by processing data from core network components, taking advantage of the properties of OpenFlow in an SDN environment. This allows us to collect metadata about forwarded traffic in an immediate and effective way. In addition, our solution will enable dynamic and adaptive redirection of traffic to various IDSs, including cloud-based IDS solutions.
Copyright information
© 2015 IFIP International Federation for Information Processing
About this paper
Cite this paper
Seeber, S., Rodosek, G.D. (2015). Towards an Adaptive and Effective IDS Using OpenFlow. In: Latré, S., Charalambides, M., François, J., Schmitt, C., Stiller, B. (eds) Intelligent Mechanisms for Network Configuration and Security. AIMS 2015. Lecture Notes in Computer Science, vol 9122. Springer, Cham. https://doi.org/10.1007/978-3-319-20034-7_14
DOI: https://doi.org/10.1007/978-3-319-20034-7_14
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-20033-0
Online ISBN: 978-3-319-20034-7
eBook Packages: Computer Science (R0)