Scalable and Collaborative Intrusion Detection and Prevention Systems Based on SDN and NFV

Agathe Blaise*, Sandra Scott-Hayward, Stefano Secci

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingChapter (peer-reviewed)peer-review

Abstract

The increasing complexity and connectivity of networks lead to new and challenging vulnerabilities to be addressed for network security. As networks expand and diverse networks become interrelated, attackers leverage the broad scope of the global Internet to perpetrate large-scale attacks. Cloud environments, which are widely adopted, are fundamentally provisioned via the Internet bringing new challenges regarding security and privacy. However, network programmability and emerging technologies such as software-defined networking (SDN) and network functions virtualization (NFV) can advance techniques for intrusion detection and protection. In this chapter, we review the state of the art in scalable and collaborative intrusion detection systems (IDSs). Combining data plane programming with control level collaboration, we propose a model to simplify the detection of large-scale, distributed network attacks. This model simultaneously reduces the system overhead through direct mitigation at the network edge and enriches the detection process with corroboration of evidence from distributed sources.
Original languageEnglish
Title of host publicationGuide to Disaster-Resilient Communication Networks
EditorsJacek Rak, David Hutchison
PublisherSpringer International Publishing AG
Chapter26
Pages653-673
ISBN (Electronic)9783030446857
ISBN (Print)9783030446840
DOIs
Publication statusPublished - 23 Jul 2020

Publication series

NameComputer Communications and Networks
PublisherSpringer International Publishing
ISSN (Electronic)1617-7975

Fingerprint

Dive into the research topics of 'Scalable and Collaborative Intrusion Detection and Prevention Systems Based on SDN and NFV'. Together they form a unique fingerprint.

Cite this