Intrusion detection system based on software defined security architecture

An intrusion detection system and a software-defined technology, applied in the field of network information security, can solve problems such as the inability to realize unknown attack identification and detection, and achieve the effect of flexible acquisition and collection of network information

Inactive Publication Date: 2019-09-10
ZHEJIANG UNIV
View PDF5 Cites 27 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the currently commonly used feature-based detection methods need to accurately describe the features and pre-define the rules to match

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion detection system based on software defined security architecture
  • Intrusion detection system based on software defined security architecture
  • Intrusion detection system based on software defined security architecture

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0024] The design and implementation of the OpenStack cloud platform, the design and implementation of the client, the design and implementation of the cloud, and the design and implementation of the communication pipeline between the client and the cloud will be described in detail with specific embodiments.

[0025] 1. Design and implementation of OpenStack cloud platform

[0026] This solution adopts the OpenStack multi-node construction mode of 1 master node, 1 controller node, and 2 compute nodes. Both the controller node and the compute node provide block storage and network services, and are deployed centrally on physical servers. For cloud platform network planning and design, there are three network cards, namely:

[0027] eth0 (OpenStack cluster management network, CIDR is 10.20.0.1 / 24), used to manage cluster nodes;

[0028] eth1 (external network / floating IP network, CIDR is 172.16.0.1 / 24), used for cluster public network and providing virtual machine floating IP ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an intrusion detection system based on a software defined security architecture in the field of network information security. The intrusion detection system comprises a clientmodule and a cloud module; The cloud module comprises a cloud agent, an intrusion detection engine, an expert rule base, a machine learning base and a log database. The intrusion detection engine adopts Snort-based feature detection technology and machine learning-based anomaly detection technology. The software-defined security architecture provides programmable control and global state monitoring of the network. A unified transparent access mode is provided for a lower abstraction bottom layer security device. A northbound security application is expanded. The advantages of the cloud computing technology on elastic computing, distributed computing, load balancing and big data processing capacity are brought into play. An expert rule library, an intrusion detection engine and a related artificial intelligence detection algorithm are deployed at a cloud end. The intelligent detection efficiency of the system is improved, and the dynamic expansion capacity of the system and the rapid response capacity to new security threats are enhanced.

Description

technical field [0001] The present application belongs to the field of network information security, and in particular, relates to an intrusion detection system and a detection method under a software-defined security architecture. Background technique [0002] In recent years, with the rapid development of Internet technology, the continuous expansion of network scale, the continuous increase of network traffic, and the increasing complexity of network architecture, traditional network architecture is facing more and more severe challenges and tests. At the same time, the complex network environment has also brought many network security problems, such as malicious software attacks, spoofing attacks and distributed denial of service attacks. The increasingly prominent network security issues have gradually posed more serious challenges to the traditional security system architecture, service models and technical means. On the one hand, with the continuous development of re...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06G06F21/55G06K9/62G06N20/00
CPCH04L63/0281H04L63/1408H04L63/1441H04L63/0263G06F21/55G06N20/00G06F18/214
Inventor 张莎莎李荣鹏赵志峰张宏纲
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap