摘要
针对传统测评方法依赖模拟环境来仿真真实网络流量的现状,提出一种基于OpenFlow的入侵检测评估系统.该系统基于软件定义网络技术(OpenFlow)的入侵检测评估模型,随后对该模型的框架、设置方法、具体工作过程等进行详细阐述,设计了基于该模型的测评系统,该系统利用OpenFlow灵活的网络控制能力为IDS测评搭建真实可控的网络环境,提供入侵检测所需的真实网络流量和攻击数据.最后利用该测评系统对该模型进行试验仿真,实验结果表明传统方法相比,本文提出的基于OpenFlow的入侵检测评估模型在测评效果和准确性上有较好的性能.
The traditional evaluation methods rely on simulation environment to simulate real network traffic status quo, the proposed intrusion detection system is based on Open Flow's assessment. The system is software-defined networking technology(Open Flow) evaluation model based on the intrusion detection.We discussed the framework, setting methods, and specific work of this model in details. Our work designed an evaluation system based on this model, which uses a flexible network Open Flow control structures for the evaluation of the true IDS controlled network environment, and provides the necessary intrusion detection and attack the real network traffic data. Finally, the evaluation system was used to test the simulation model. The experimental results show that compared to the traditional methods, the proposed Open Flow intrusion detection model based on the evaluation can assess the effectiveness and accuracy of better performance.
出处
《计算机系统应用》
2014年第12期82-87,共6页
Computer Systems & Applications
基金
广东省教育科学"十二五"规划2013年度教育信息技术研究项目(13JXN044)
关键词
IDS评估
OpenFlow
入侵检测
评估模型
IDS
OpenFlow
software defined network technology
evaluation model of intrusion detection based on OpenFlow
