Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 2 of 2
Full-Text Articles in Computer Engineering
Active Response Using Host-Based Intrusion Detection System And Software-Defined Networking, Jonathon S. Goodgion
Active Response Using Host-Based Intrusion Detection System And Software-Defined Networking, Jonathon S. Goodgion
Theses and Dissertations
This research proposes AHNSR: Active Host-based Network Security Response by utilizing Host-based Intrusion Detection Systems (HIDS) with Software-Defined Networking (SDN) to enhance system security by allowing dynamic active response and reconstruction from a global network topology perspective. Responses include traffic redirection, host quarantining, filtering, and more. A testable SDN-controlled network is constructed with multiple hosts, OpenFlow enabled switches, and a Floodlight controller, all linked to a custom, novel interface for the Open-Source SECurity (OSSEC) HIDS framework. OSSEC is implemented in a server-agent architecture, allowing scalability and OS independence. System effectiveness is evaluated against the following factors: alert density and a …
Collaboratively Detecting Http-Based Distributed Denial Of Service Attack Using Software Defined Network, Ademola A. Ikusan
Collaboratively Detecting Http-Based Distributed Denial Of Service Attack Using Software Defined Network, Ademola A. Ikusan
Browse all Theses and Dissertations
Over the years, there have been a lot of attacks on the web servers of critical companies and organization. As much as these organizations tighten their security, it always tends not to be enough to stop all the attacks towards their servers. These attack vectors are so difficult to stop because of the technicalities behind the attack. Furthermore, there are different classes of distributed denial of service(DDoS) attacks such as the high rates (SYN Flood attacks, ARP Flood attacks, etc), low-rate(HTTP-GET, HTTP-POST). Although there are different ways to stop high rate DDoS attacks by traffic sampling and detecting malformed packets …