Intrusion Detection in Software Defined Networking Using Snort and Mirroring

Nithya Sampath, Jayakumar Sadhasivam, Senthil Jayavel, N. Swetha Chindarmony and Sakshi Sharma


Software-Defined Networking is a rising concept that aims to replace conventional networks by breaking up vertical integration. The control logic of the network is separated from the underlying routers and switches, network control is logically centralized, and the network becomes programmable. An intrusion detection system is a software application that monitors a system or network for policy violations or malicious activity. When malicious activity or a policy violation occurs, reports are sent to the network administrator or collected centrally using a security information and event management system. The aim of this paper is to create an Intrusion Detection System using Snort, which is an open-source, free and lightweight application. The concept of the paper is to build an efficient and simplified Intrusion Detection System. First, a simple network topology is set up with four virtual machines, where three of them are hosts and the fourth is designed to run Snort.


Software Defined Networking (SDN), OpenFlow Protocol, Open vSwitch, Snort, Mirroring, Intrusion Detection System (IDS), Denial of Service (DoS) attacks, Distributed Denial of Service (DDoS) attacks, Switched Port Analyser (SPAN).

