-
Publication No.: US11336622B2
Publication date: 2022-05-17
Application No.: US16689003
Filing date: 2019-11-19
Applicant: GWANGJU INSTITUTE OF SCIENCE AND TECHNOLOGY
Inventor: Hyuk Lim, Sung Hwan Kim, Jargalsaikhan Narantuya, Seung Hyun Yoon
Abstract: An apparatus for deploying a firewall on a software-defined network (SDN) includes a public key distributor configured to transmit a public key, a resource monitor configured to monitor resources of a network, a host monitor configured to receive a firewall rule of at least one host, which is encrypted by the public key, a decryption unit configured to decrypt information received from the host monitor by using a secret key, a merge unit configured to merge the decrypted information to provide a merged firewall rule, and a firewall deployment unit configured to deploy the merged firewall rule to a switch.
-
Publication No.: US09876808B2
Publication date: 2018-01-23
Application No.: US14861665
Filing date: 2015-09-22
Applicant: GWANGJU INSTITUTE OF SCIENCE AND TECHNOLOGY
Inventor: Hyuk Lim, Jong-Won Kim, Jargalsaikhan Narantuya, Tae-Jin Ha, Chi-Wook Jeong
CPC classification number: H04L63/1416, H04L43/024, H04L43/026
Abstract: A method for detecting an intrusion in a network is disclosed. The network includes a plurality of nodes for data transmission/reception and switches for relaying flow transmission/reception between the nodes, and an intrusion detection system (IDS) is combined with the network to form a system. The method includes: installing SDN-enabled switches for flow sampling in the network to connect them to SDN controllers; determining, by the SDN controller, the number of network flows and the number of switches; deriving a sampling rate for each of the SDN-enabled switches; forwarding, by the switches, packet information sampled at respective sampling rates to the IDS; and identifying, by the IDS, malicious data based on the packet information to update the sampling rate of each of the SDN switches.
-