Security-related monitoring in high-speed backbone networks is still a challenging task, since the amount of data to process increases continuously. Thus, new approaches need to be investigated to detect and handle attacks in high-speed environments to protect the underlying access lines. Therefore, we introduce a new approach for redirecting suspicious traffic that takes advantage of properties of OpenFlow in an SDN environment. Using this, we are able to redirect identified suspicious traffic to various IDSs for further inspection in a dynamic and adaptive way. Our solution is able to drop bogus traffic as well as forward DDoS-related traffic to a DDoS WASHING MACHINE. Furthermore, it is able to cope with privacy concerns, because only traffic marked as suspicious that cannot be processed on-site is redirected to cloud security providers.