Quick Blocking Operation of Firewall System Cooperating with IDS and SDN
| dc.contributor.author | Katsura Y. | |
| dc.contributor.author | Sakarin P. | |
| dc.contributor.author | Yamai N. | |
| dc.contributor.author | Kimiyama H. | |
| dc.contributor.author | Visoottiviseth V. | |
| dc.contributor.other | Mahidol University | |
| dc.date.accessioned | 2023-06-18T17:13:00Z | |
| dc.date.available | 2023-06-18T17:13:00Z | |
| dc.date.issued | 2022-01-01 | |
| dc.description.abstract | Firewalls, intrusion detection systems (IDSs), and intrusion prevention systems (IPSs) are normally used to filter anomaly traffic and prevent attacks from the Internet. However, preconfiguring firewalls and IDS on multiple devices is an exhausting work for the network administrators. Software Defined Network (SDN) is the concept proposed to make the network management easier by using an SDN controller and SDN switches. In this research, we propose a system that integrates IDS together with SDN in order to block anomaly traffic in a fast manner. Once the IDS detects anomaly traffic, it will send an alert message back to the SDN switch. Then, this alert message will be sent as a PacketIn message to the SDN controller in order to set up rules to block the attack. To evaluate our system, we conduct experiments to compare the performance of our proposed system using syslog and Socket API with the existing method that uses REST API, and another comparison method, in term of processing time. Our experiment results confirm that our proposed method can result in the smaller latency and can quickly block malicious traffic. | |
| dc.identifier.citation | International Conference on Advanced Communication Technology, ICACT Vol.2022-February (2022) , 393-398 | |
| dc.identifier.doi | 10.23919/ICACT53585.2022.9728831 | |
| dc.identifier.issn | 17389445 | |
| dc.identifier.scopus | 2-s2.0-85127515663 | |
| dc.identifier.uri | https://repository.li.mahidol.ac.th/handle/20.500.14594/84644 | |
| dc.rights.holder | SCOPUS | |
| dc.subject | Engineering | |
| dc.title | Quick Blocking Operation of Firewall System Cooperating with IDS and SDN | |
| dc.type | Conference Paper | |
| mu.datasource.scopus | https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85127515663&origin=inward | |
| oaire.citation.endPage | 398 | |
| oaire.citation.startPage | 393 | |
| oaire.citation.title | International Conference on Advanced Communication Technology, ICACT | |
| oaire.citation.volume | 2022-February | |
| oairecerif.author.affiliation | Nara Institute of Science and Technology | |
| oairecerif.author.affiliation | Daido University | |
| oairecerif.author.affiliation | Mahidol University | |
| oairecerif.author.affiliation | Tokyo University of Agriculture and Technology |
