Reduction of traffic between switches and IDS for prevention of DoS attack in SDN
| Field | Value |
|---|---|
| Title | Reduction of traffic between switches and IDS for prevention of DoS attack in SDN |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Quingueni, A. M., Kitsuwan, N. |
| Conference Name | 2019 19th International Symposium on Communications and Information Technologies (ISCIT) |
| Keywords | centralized controller, composability, computer network security, denial of service (DoS), DoS attack, end-to-end traffic, IDS, IDS delays, intrusion detection system, Intrusion Detection System (IDS), malicious packets, pubcrawl, resilience, Resiliency, SDN, Software Defined Network (SDN), software defined networking, software-defined network, telecommunication congestion control, telecommunication switching, telecommunication traffic |
| Abstract | Denial of service (DoS) is a process of injecting malicious packets into the network. An intrusion detection system (IDS) is a system used to investigate malicious packets in the network. A software-defined network (SDN) physically separates the control plane and the data plane. The control plane is moved to a centralized controller, which makes decisions in the network from a global view. The combination of IDS and SDN allows the prevention of malicious packets to be more efficient due to the advantage of the global view in SDN. The IDS needs to communicate with switches to have access to all end-to-end traffic in the network. High traffic on the link between switches and the IDS results in congestion. The congestion between switches and the IDS delays the detection and prevention of malicious traffic. To address this problem, we propose a historical database (Hdb), a scheme to reduce the traffic between switches and the IDS based on the historical information of a sender. The simulation shows that, on average, 54.1% of the traffic mirrored to the IDS is reduced compared to the conventional schemes. |
| DOI | 10.1109/ISCIT.2019.8905165 |
| Citation Key | quingueni_reduction_2019 |