Running an IDS Virtual Network Function inside an SDN Bare Metal Commodity Switch

Shie-Yuan Wang, Yi Hsuan Hsieh

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

In this paper, we design, implement, and evaluate the real performance of running multiple Snort IDS (intrusion detection system) VNFs (virtual network function) inside a bare metal commodity switch. In the past, normally people ran Snort on a stand-alone server and configure switches to direct packets to it for inspection. However, more recently there is a trend to implement and run VNF directly inside a switch for immediate and intelligent processing of packets. Our work of running Snort directly inside a bare metal commodity switch as a VNF is the first work of its kind in the world. In this paper, we present real performance results and important findings from this innovative work.

Original languageEnglish
Title of host publication2018 IEEE International Conference on Communications, ICC 2018 - Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Print)9781538631805
DOIs
StatePublished - 27 Jul 2018
Event2018 IEEE International Conference on Communications, ICC 2018 - Kansas City, United States
Duration: 20 May 201824 May 2018

Publication series

NameIEEE International Conference on Communications
Volume2018-May
ISSN (Print)1550-3607

Conference

Conference2018 IEEE International Conference on Communications, ICC 2018
CountryUnited States
CityKansas City
Period20/05/1824/05/18

Keywords

  • Bare metal commodity switch
  • Intrusion detection system
  • Network function virtualization
  • SDN

Fingerprint Dive into the research topics of 'Running an IDS Virtual Network Function inside an SDN Bare Metal Commodity Switch'. Together they form a unique fingerprint.

Cite this