TY - CHAP
T1 - Scalable and Collaborative Intrusion Detection and Prevention Systems Based on SDN and NFV
AU - Blaise, Agathe
AU - Scott-Hayward, Sandra
AU - Secci, Stefano
PY - 2020/7/23
Y1 - 2020/7/23
N2 - The increasing complexity and connectivity of networks lead to new and challenging vulnerabilities to be addressed for network security. As networks expand and diverse networks become interrelated, attackers leverage the broad scope of the global Internet to perpetrate large-scale attacks. Cloud environments, which are widely adopted, are fundamentally provisioned via the Internet, bringing new challenges regarding security and privacy. However, network programmability and emerging technologies such as software-defined networking (SDN) and network functions virtualization (NFV) can advance techniques for intrusion detection and protection. In this chapter, we review the state of the art in scalable and collaborative intrusion detection systems (IDSs). Combining data plane programming with control level collaboration, we propose a model to simplify the detection of large-scale, distributed network attacks. This model simultaneously reduces the system overhead through direct mitigation at the network edge and enriches the detection process with corroboration of evidence from distributed sources.
AB - The increasing complexity and connectivity of networks lead to new and challenging vulnerabilities to be addressed for network security. As networks expand and diverse networks become interrelated, attackers leverage the broad scope of the global Internet to perpetrate large-scale attacks. Cloud environments, which are widely adopted, are fundamentally provisioned via the Internet, bringing new challenges regarding security and privacy. However, network programmability and emerging technologies such as software-defined networking (SDN) and network functions virtualization (NFV) can advance techniques for intrusion detection and protection. In this chapter, we review the state of the art in scalable and collaborative intrusion detection systems (IDSs). Combining data plane programming with control level collaboration, we propose a model to simplify the detection of large-scale, distributed network attacks. This model simultaneously reduces the system overhead through direct mitigation at the network edge and enriches the detection process with corroboration of evidence from distributed sources.
U2 - 10.1007/978-3-030-44685-7_26
DO - 10.1007/978-3-030-44685-7_26
M3 - Chapter (peer-reviewed)
SN - 9783030446840
T3 - Computer Communications and Networks
SP - 653
EP - 673
BT - Guide to Disaster-Resilient Communication Networks
A2 - Rak, Jacek
A2 - Hutchison, David
PB - Springer International Publishing AG
ER -