首页>
外国专利>
NETWORK SYSTEM for FORWARDING TRAFFIC for intrusion detection ON SOFTWARE-DEFINED NETWORKS
NETWORK SYSTEM for FORWARDING TRAFFIC for intrusion detection ON SOFTWARE-DEFINED NETWORKS
展开▼
机译:用于在软件定义的网络上进行入侵检测的转发流量的网络系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
The present invention relates to a traffic forwarding network system for intrusion detection in a Software Defined Network (SDN). Provided may be the network system comprising: a plurality of nodes which are connected to a network, each of which generates information to be transmitted and each of which transmits the information to another node over the network; at least one switch which is configured to transmit and receive information to and from the nodes or another switch; an SDN controller which sets a path of information in the network and which is configured to analyze information; and at least one Intrusion Detection System (IDS) which detects an intrusion into the network system through analysis of information transmitted by the SDN controller; wherein the SDN controller analyzes a plurality of data flows, i.e., paths of information between the nodes, determines similarities between the data flows, groups the data flows into a plurality of groups based on the similarities, allocates the IDS corresponding to the groups, and transmits part of information transmitted via the data flows to the IDS corresponding to the data flows. Accordingly, flows passing through similar paths in an SDN are forwarded to the identical IDS, thereby enabling an attack to be detected.
展开▼