SDN-oriented intrusion defense system and method

An intrusion prevention system and intrusion prevention technology, applied in the transmission system, digital transmission system, electrical components, etc., can solve the problems of low efficiency and high cost of the integrated system, and achieve the effect of ensuring normal forwarding, ensuring accuracy, and low cost

Active Publication Date: 2016-03-23
NANJING UNIV OF POSTS & TELECOMM
View PDF5 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to solve the problems of non-dynamic detection of the intrusion prevention system, low efficiency and high cost of the "single point detection" integrated system, and proposes an SDN-oriented intrusion prevention system and method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SDN-oriented intrusion defense system and method
  • SDN-oriented intrusion defense system and method
  • SDN-oriented intrusion defense system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The invention will be described in further detail below in conjunction with the accompanying drawings.

[0033] Such as figure 1 As shown, the intrusion prevention system proposed by the present invention is deployed on the controller in the SDN environment. Since each switch is connected to multiple controllers, the intrusion prevention system on one controller is responsible for monitoring multiple switches, and each switch can be monitored by multiple intrusion prevention systems. At the same time, there is a master intrusion prevention system and multiple slave intrusion prevention systems. Initially, the intrusion prevention system on the master controller is the master intrusion detection system, and the intrusion prevention system on the slave controller is the slave intrusion prevention system.

[0034] Such as figure 2 As shown, the system of the present invention includes three modules inside, namely: a slicer module, a detection module and an intrusion pr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention discloses an SDN-oriented intrusion defense system and method. The system is deployed in the controller in an SDN network and is responsible for monitoring multiple switches, and each switch can be monitored by multiple intrusion defense systems. One main intrusion defense system controls multiple sub intrusion defense systems to monitor the whole network. The system comprises an intrusion defense controller module, a detection module and a fragmentation device module. The fine-grained intrusion defense function is realized by the decision maker in an intrusion defense controller matched detection module. The flexible deployment of the intrusion defense system without position fixation can be realized, the deployment cost is reduced, the multiple intrusion defense systems coordinate and work, the overall utilization rate of the intrusion defense system is improved, the safety of the network is ensured by the accurate and efficient detection method, the network congestion is not caused, and the SDN-oriented intrusion defense system and method have wide technology and market values.

Description

technical field [0001] The invention relates to an SDN-oriented intrusion prevention system and method, belonging to the technical field of computer network and information security. technical background [0002] With the rapid development of computers and the popularization of networks, the threats from outside and inside the network are increasing day by day, and network security has become a key point that cannot be ignored in the field of computer networks. In order to ensure the security of computers and the Internet, firewall technology is introduced into computer networks. The firewall has strong protection capabilities for known internal and external network behaviors, but its defense capabilities for unknown attacks are insufficient, and there are problems such as the inability to effectively perform dynamic protection. As a supplement to the firewall, the intrusion detection system can instantly identify abnormal network behaviors. Realize fast and dynamic securit...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/933
CPCH04L49/15H04L63/02
Inventor 杨一涛贾雪松李华康孙国梓任丹妮
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap