Software-Defined Network-Based Intrusion Detection System

The traditional networks conflate control and data plane on a physical device, normally comprise of software and hardware. The new emerging technology software-defined networks (SDNs) detach control plane from the data plane. SDN control plane exits contr

  • PDF / 251,011 Bytes
  • 9 Pages / 439.37 x 666.142 pts Page_size
  • 83 Downloads / 271 Views

DOWNLOAD

REPORT


Abstract The traditional networks conflate control and data plane on a physical device, normally comprise of software and hardware. The new emerging technology software-defined networks (SDNs) detach control plane from the data plane. SDN control plane exits controller has ability to control the entire network which is a possible security concern as compared to traditional network with a distributed control plane. In software-defined network, malicious flow exploits vulnerability of the controller through SDN switches, which demands essential SDN-based security model. This paper introduces the SDN architecture with their threat vectors. We proposed the SDN-based intrusion detection system (IDS) which identifies malicious behaviors or attacks and reports to network administrators as intrusion events. Keywords Software-defined networking

 Intrusion detection system  Security

1 Introduction Software-defined networking (SDN) is one of the most innovative network technologies. The main idea of SDN is to decouple the control plane from the physical infrastructure, which enables network administrator to define and configure network through programming or using the software to define it. Software-defined

Y. Hande (&)  A. Muddana Department of Information Technology, GITAM School of Technology, Hyderabad, AP, India e-mail: [email protected] A. Muddana e-mail: [email protected] S. Darade Department of Computer Science and Engineering, GITAM School of Technology, Hyderabad, AP, India e-mail: [email protected] © Springer Nature Singapore Pte Ltd. 2018 H.S. Saini et al. (eds.), Innovations in Electronics and Communication Engineering, Lecture Notes in Networks and Systems 7, https://doi.org/10.1007/978-981-10-3812-9_55

535

536

Y. Hande et al.

networking [1] incites network operator to manage and configure the network essential by enhancing the OpenFlow in switch product. Considering the environment of SDN, security is the prime challenge in SDN architecture. Centralized controller may exploit vulnerability due to continuous update from network administrator or operator [2]. There is a need to analyze SDN traffic which can degrade the SDN network performance and require effective implementation of security model. The network assets and communication transactions across the network must be protected from malicious attacks and unintentional damage through some security professionals. An intrusion detection system is defined as one of the solution for network security to identify the abnormal activities. An IDS enables us to secure the system from unauthorized users. It is considered as the backbone for securing the SDN architecture. Here, we proposed the SDN-based intrusion detection system (IDS) uses methods to monitor the network traffic for intrusion detection which helps to provide the security toward SDN.

1.1

Software-Defined Networking

Software-defined network (SDN) is a dynamic, manageable, adaptable, and cost-effective network. This SDN is encompassing several network technologies aimed to make directly progra