نوع مقاله : مقاله پژوهشی
نویسندگان
گروه امنیت شبکه و رمزنگاری، پژوهشکده فضای مجازی، دانشگاه شهید بهشتی، تهران، ایران
چکیده
کلیدواژهها
عنوان مقاله [English]
نویسندگان [English]
The lack of fixed infrastructure and centralized management in most cloud computing networks causes serious security threats. In the past few years, different approaches have been taken based on the distributed software defined network (SDN) to counterbalance these facing challenges. One of these common approaches is the SDN-based Pro Defense framework which uses the threshold intrusion detection to improve security. Although the distributed software defined network is weak in the face of distributed denial of service attacks, it expands the scalability of the above-mentioned framework and resolves the point-breaking problems. On the other hand, utilizing the threshold criterion escalates the network vulnerability. In this research, the author suggests a framework called distributed SDN-based multilayer Pro Defense framework and inspires the input filter or the digital signature, and the hash function based on the Merkle tree is employed as the intrusion prevention agent. This article resolves the threshold intrusion detection criteria by utilizing the Snort intrusion detection system. The results of implementing the suggested framework indicates that it has acceptable traffic control, intrusion detection speed, and stable security.
کلیدواژهها [English]