Design and Implementation of Cloud Platform Intrusion Prevention System based on SDN

摘要

In view of the traditional intrusion prevention system is connected in series mode in the network, the ability of dealing with the intrusion is limited, and it will cause network congestion easily, especially in the cloud computer environment. Aiming at the problems mentioned above, a scheme for the cloud platform intrusion prevention is proposed in the paper, based on the construction of the software defined network. By using the programmable feature of the SDN, the IPS in the scheme will transmit the intrusion information to the controller, when the intrusion detection system detects intrusion. Then the controller will send security policy to virtual switch, so that it can filter the intrusion traffic and achieve the purpose of blocking intrusion behavior dynamically. A comparative analysis between the proposed scheme and transitional IPS is made through the experiment, the result shows that the efficiency of the intrusion detection in the new scheme can be improved by two times compared with the traditional intrusion prevention scheme. So, it has certain reference significance for the deployment of intrusion prevention scheme in cloud environment.