Towards an SDN-enabled IDS environment

Seeber, Sebastian; Stiemert, Lars; Rodosek, Gabi Dreo

doi:10.1109/cns.2015.7346918

Cited by 16 publications

(13 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A software-defined approach to secure field zones in an ICS is shown in [15]. The implementation of IDS within SDN controllers is proposed in [16], [17], [18], and [19] that provides a survey on SDN based network intrusion detection systems based on machine learning approaches. Few papers measure the impact of an IDS implemented over SDN architectures: [20] presents a QoS comparison of two open source network intrusion detection systems (Snort IDS and Bro IDS) in a SDN architecture.…”

Section: Related Workmentioning

confidence: 99%

Reduction of the Delays Within an Intrusion Detection System (IDS) Based on Software Defined Networking (SDN)

et al. 2022

View full text Add to dashboard Cite

Software Defined Networking (SDN) is a very useful tool not only to manage networks but also to increase network security, in particular by implementing Intrusion Detection Systems (IDS) directly into the SDN architecture. The implementation of IDS within the SDN paradigm can simplify the implementation, speed up incident responses, and, in general, allow to promptly react to cyber attacks through proper countermeasures. Nevertheless, embedding IDS within SDN also introduces delays that cannot be tolerated in specific network environments, like industrial control systems. This paper focuses on the implementation of an IDS based on Machine Learning (ML) algorithms into an SDN architecture and proposes a very practical approach to reduce the delay by using the sequential implementation of prototypes of increasing software and hardware complexity so allowing quick tests to highlight the main problems, solve them and pass to the next operative step. A fully validated performance evaluation is then shown by exploiting all the presented solutions and by using further improved hardware features. The overall performance is very good and compliant with most, even if not yet all, industrial control systems constraints. Results show how the proposed solutions provide a significant improvement of the latency so opening the door to a real implementation in the field.

show abstract

Section: Related Workmentioning

confidence: 99%

Reduction of the Delays Within an Intrusion Detection System (IDS) Based on Software Defined Networking (SDN)

et al. 2022

View full text Add to dashboard Cite

show abstract

“…can be deployed as virtual components of a cloud infarastructure orchestrated through the SDN control mechanisms for proper operations, and exploiting NFV for lifecycle management. [Melis et al 2018;Seeber et al 2015] Finally, they can be combined with a forwarding plane that can be also integrated in the virtualized environment, for instance by exploiting OpenVswitch (OVS), which is now tightly integrated with various cloud platforms, including OpenStack, openQRM, Open-Nebula and oVirt [Wen et al 2012].…”

Section: Technologies and State Of The Art 21 Sdn And Nfvmentioning

confidence: 99%

Sustainable Infrastructure Monitoring for Security-Oriented Purposes

Berardi

Callegati

Melis

et al. 2020

Proceedings of the 6th EAI International Conference on Smart Objects and Technologies for Social Good

View full text Add to dashboard Cite

As computing and communication infrastructures have gained an ever-increasing role in everybody's life, guaranteeing their reliability has become a critical endeavor. In the face of threats that grow more and more sophisticated, we must turn our attention to the techniques that have the potential to match them and scale with the infrastructure complexity. The current trend in the telecommunication industry towards "softwarized infrastructures" by means of new technologies such as Software Defined Networking and Network Function Virtualization may provide a innovative and effective solutions from this point of view.In this work, we outline a network security monitoring architecture aimed at striking the best trade-off between effectiveness and efficiency. This result is achieved by exploiting the possibility, already enabled by state-of-the-art, yet well tested components for infrastructural orchestration, of dynamic instantiation and composition of functions. We conclude that efficient detection of some classes of network-based denial-of-service attacks is possible, and open the path to mitigation strategies that optimize the usage of resources by deploying and re-configuring them as needed in realtime. CCS CONCEPTS• Security and privacy → Denial-of-service attacks; • Networks → Network reliability; Network monitoring.

show abstract

“…The controller creates flow rules within switches that allow/deny that flow's packets within the network (self-protecting). Also, network operators can configure those switches to behave similarly to mini-firewalls and may steer specific type of traffic to another system (i.e., such as IDS) either for more inspection [68] or detection of possible threats [69]- [72]. Many SDN controllers already implement firewall application within their distribution such as in OpenDaylight and Floodlight controllers.…”

Section: A Autonomy Of Sdnmentioning

confidence: 99%

A Survey on Autonomic Provisioning and Management of QoS in SDN Networks

BinSahaq

Sheltami

2019

IEEE Access

View full text Add to dashboard Cite

In today's Internet, killer network services and applications, such as video and audio streaming, network storage, and online video games, are pushing the network infrastructure resources to the edge. By design and for the most part, the Internet is the best offer delivery ecosystem with little or no endto-end quality-of-service (QoS) guarantees. Even, frameworks, such as IntServ and DiffServ that were designed and implemented to provide QoS guarantees, still fail to solve this problem at a wide scale. Software-defined networking (SDN) is a fast emerging networking paradigm that promises to provide endto-end QoS guaranteeing by offering greater network flexibility, abstraction, control, and programmability to network resources. In this paper, we review, survey, and discuss the current state of the art on QoS provisioning in the area of SDN, with respect to applying the concept of autonomic computing (AC) to automatically support, provision, monitor, and maintain QoS requirements. This paper includes in-depth classification, taxonomy, and comparative analysis for the autonomic-based QoS provisioning in accordance with the famous influential and widely adopted the monitor-analyze-plan-execute-knowledge (MAPE-K) IBM architectural model for autonomic computing.

show abstract

Towards an SDN-enabled IDS environment

Cited by 16 publications

References 4 publications

Reduction of the Delays Within an Intrusion Detection System (IDS) Based on Software Defined Networking (SDN)

Reduction of the Delays Within an Intrusion Detection System (IDS) Based on Software Defined Networking (SDN)

Sustainable Infrastructure Monitoring for Security-Oriented Purposes

A Survey on Autonomic Provisioning and Management of QoS in SDN Networks

Contact Info

Product

Resources

About