Existing hardware-centric network equipment cannot satisfy various user demands for the expansion of network resources. Many SDN (Software Define Network)-based controllers have been developed to address these limitations by using software to control these network resources flexibly. Among them, ONOS (Open Network Operating System) is one of the largest participating vendors capable of providing the operating functions of an OS. ONOS can be extended for applications by adding plug-ins developed by programmers. Although SDN is more convenient and efficient than traditional network management systems, several security vulnerabilities have been found. ONOS overcomes these problems by providing an ACL (Access Control List) application as a firewall against static network attacks. However, it is not sufficient for dynamic continuous intrusion detection. This paper presents the system we developed to provide automatic network intrusion detection and defense using an SDN-based ONOS controller. By adopting machine-learning algorithms, we expect to implement an automatic intrusion detection system for security of ONOS controller.

Username
Password