This paper proposes automating an IDS together with an SDN application, in order to streamline the IDS or IPS alerting procedure and shorten the time network administrators need to revise network policy on firewalls and other network devices. This lowers the chance that a network attack succeeds. It also blocks the source of attack packets, so that they are dropped before the network switch forwards them, which greatly reduces the bandwidth that attack packets consume.
In the cyber world, preventing disasters caused by external intrusion as well as internal attacks has always been an important issue. It is therefore critical to explore how to prevent cyber attacks effectively, or to reduce the damage of a successful one. Defenses usually rely on intrusion detection or intrusion prevention systems for early warning. However, a software-defined network (SDN) architecture has been proposed in which a self-developed SDN application can be employed to defend effectively against a potential network attack and respond to it in a timely manner.
This article proposes a concept that combines an IDS application with SDN automation. It can optimize IDS/IPS alert procedures and shorten the time needed to amend network security policy on network equipment such as firewalls and routers. It is expected to reduce the possibility of a successful cyber attack compared with the usual approach. Furthermore, SDN combined with OpenFlow can discard attack packets before they enter the network switch, which reduces the bandwidth consumed by network attacks.
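The alert-to-rule step of this concept, sketched as an added example that is not code from the original work. Assumptions: a Snort-style "fast" alert line as IDS output, flow-entry fields named as in Ryu's `ofctl_rest` JSON, and the thresholds, allowlist and sample alerts, which are all constructed.

```python
import ipaddress
import re
from collections import Counter

# Snort-style "fast" alert format is an assumption; the page names no IDS.
ALERT_RE = re.compile(
    r"\[Priority: (?P<prio>\d+)\]\s+\{\w+\}\s+"
    r"(?P<src>\d+\.\d+\.\d+\.\d+)(?::\d+)?\s+->")

# Constructed sample alerts using documentation address ranges.
SAMPLE_ALERTS = """\
05/01-10:00:01.000001 [**] [1:1000001:1] Constructed SSH brute force [**] [Priority: 1] {TCP} 203.0.113.5:40001 -> 192.0.2.10:22
05/01-10:00:02.000001 [**] [1:1000001:1] Constructed SSH brute force [**] [Priority: 1] {TCP} 203.0.113.5:40002 -> 192.0.2.10:22
05/01-10:00:03.000001 [**] [1:1000002:1] Constructed port scan [**] [Priority: 2] {TCP} 203.0.113.5:40003 -> 192.0.2.10:80
05/01-10:00:04.000001 [**] [1:1000003:1] Constructed ICMP probe [**] [Priority: 3] {ICMP} 198.51.100.7 -> 192.0.2.10
05/01-10:00:05.000001 [**] [1:1000001:1] Constructed SSH brute force [**] [Priority: 1] {TCP} 192.0.2.1:40004 -> 192.0.2.10:22
malformed line the parser must skip
"""

# Assumed allowlist: own infrastructure is never auto-blocked, so spoofed
# sources cannot turn the automation into a self-inflicted outage.
ALLOWLIST = [ipaddress.ip_network("192.0.2.0/24")]

def sources_to_block(log_text, max_priority=2, threshold=3):
    """Source IPs with >= threshold alerts at priority <= max_priority."""
    hits = Counter()
    for line in log_text.splitlines():
        m = ALERT_RE.search(line)
        if not m or int(m["prio"]) > max_priority:
            continue  # unparseable line or low-severity alert
        src = ipaddress.ip_address(m["src"])
        if any(src in net for net in ALLOWLIST):
            continue
        hits[str(src)] += 1
    return sorted(ip for ip, n in hits.items() if n >= threshold)

def drop_flow(dpid, src_ip, hard_timeout=600):
    """OpenFlow entry matching the IPv4 source; an empty action list drops."""
    return {
        "dpid": dpid,
        "priority": 40000,             # above the normal forwarding rules
        "hard_timeout": hard_timeout,  # block expires, limiting false positives
        "match": {"eth_type": 0x0800, "ipv4_src": src_ip},
        "actions": [],
    }

def build_block_rules(log_text, dpid=1):
    return [drop_flow(dpid, ip) for ip in sources_to_block(log_text)]
```

Each returned dict is what the SDN application would submit to the controller so the switch discards matching packets at ingress; the expiry and allowlist keep a false or spoofed alert from becoming a lasting block.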