Changes between Version 48 and Version 49 of GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu-portscanning


Ignore:
Timestamp:
11/01/17 13:22:04 (6 years ago)
Author:
Nabeel Akhtar
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu-portscanning

    v48 v49  
    33== Overview ==
    44
    5 In this experiment, we will use the Ryu controller to handle intrusion traffic in the form of port scans generated by the Nmap application. The system is the same as the one used in [wiki:GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu Experiment 3], where we use a RINA distributed application to get the intrusion detection alerts from the VNFs (i.e., Snort) as well as the load of the VNFs. When an intrusion is detected by the VNFs, the information will be passed to the Attack Analyzer residing on the controller node via the RINA distributed application. The Attack Analyzer informs the Ryu controller about the attack, which then blocks the intrusion traffic by updating the OpenFlow rules on the OVS switch.
     5In this experiment, we will use the Ryu controller to handle intrusion traffic in the form of port scans generated by the Nmap application. The system is the same as the one used in [wiki:GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu-ping Experiment 3], where we use a RINA distributed application to get the intrusion detection alerts from the VNFs (i.e., Snort) as well as the load of the VNFs. When an intrusion is detected by the VNFs, the information will be passed to the Attack Analyzer residing on the controller node via the RINA distributed application. The Attack Analyzer informs the Ryu controller about the attack, which then blocks the intrusion traffic by updating the OpenFlow rules on the OVS switch.
    66
    77