{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T16:54:06Z","timestamp":1742921646878,"version":"3.40.3"},"publisher-location":"Cham","reference-count":50,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030446840"},{"type":"electronic","value":"9783030446857"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-44685-7_26","type":"book-chapter","created":{"date-parts":[[2020,7,22]],"date-time":"2020-07-22T14:07:01Z","timestamp":1595426821000},"page":"653-673","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Scalable and Collaborative Intrusion Detection and Prevention Systems Based on SDN and NFV"],"prefix":"10.1007","author":[{"given":"Agathe","family":"Blaise","sequence":"first","affiliation":[]},{"given":"Sandra","family":"Scott-Hayward","sequence":"additional","affiliation":[]},{"given":"Stefano","family":"Secci","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,7,23]]},"reference":[{"key":"26_CR1","unstructured":"Alerts AS. Memcached UDP reflection attacks. \n                  https:\/\/blogs.akamai.com\/2018\/02\/memcached-udp-reflection-attacks.html"},{"key":"26_CR2","unstructured":"Antonakakis M, April T, Bailey M, Bernhard M, Bursztein E, Cochran J, Durumeric Z, Halderman JA, Invernizzi L, Kallitsis M, Kumar D, Lever C, Ma Z, Mason J, Menscher D, Seaman C, Sullivan N, Thomas K, Zhou Y (2017) Understanding the Mirai botnet. In: Proceedings of the USENIX Security Symposium (USENIX Security), pp 1093\u20131110"},{"key":"26_CR3","doi-asserted-by":"crossref","unstructured":"Aqil A, Khalil K, Atya AO, Papalexakis EE, Krishnamurthy SV, Jaeger T, Ramakrishnan KK, Yu P, Swami A (2017) Jaal: towards network intrusion detection at ISP scale","DOI":"10.1145\/3143361.3143399"},{"issue":"3","key":"26_CR4","doi-asserted-by":"publisher","first-page":"1501","DOI":"10.1109\/TNET.2016.2632970","volume":"25","author":"S Bhowmik","year":"2017","unstructured":"Bhowmik S, Tariq MA, Koldehofe B, Durr F, Kohler T, Rothermel K (2017) High performance publish\/subscribe middleware in software-defined networks. IEEE\/ACM Trans Netw 25(3):1501\u20131516","journal-title":"IEEE\/ACM Trans Netw"},{"key":"26_CR5","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1145\/2602204.2602211","volume":"44","author":"G Bianchi","year":"2014","unstructured":"Bianchi G, Bonola M, Capone A, Cascone C (2014) Openstate: programming platform-independent stateful openflow applications inside the switch. SIGCOMM Comput Commun Rev 44:44\u201351","journal-title":"SIGCOMM Comput Commun Rev"},{"key":"26_CR6","unstructured":"Bosshart P, Daly D, Gibb G, Izzard M, McKeown N, Rexford J, Schlesinger C, Talayco D, Vahdat A, Varghese G, Walker D. P4: Programming protocol-independent packet processors"},{"key":"26_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cose.2015.11.008","volume":"58","author":"XF Chen","year":"2016","unstructured":"Chen XF, Yu SZ (2016) CIPA: a collaborative intrusion prevention architecture for programmable network and SDN. Comput Secur 58:1\u201319","journal-title":"Comput Secur"},{"key":"26_CR8","unstructured":"Cuppens F, Miege A (2002) Alert correlation in a cooperative intrusion detection framework. In: Proceedings 2002 IEEE Symposium on Security and Privacy, pp 202\u2013215. IEEE"},{"key":"26_CR9","doi-asserted-by":"crossref","unstructured":"Doriguzzi-Corin R, Scott-Hayward S, Siracusa D, Salvadori E (2017) Application-centric provisioning of virtual security network functions. In: 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN), pp 276\u2013279. IEEE","DOI":"10.1109\/NFV-SDN.2017.8169861"},{"issue":"12","key":"26_CR10","doi-asserted-by":"publisher","first-page":"2805","DOI":"10.1109\/JSAC.2018.2871313","volume":"36","author":"L Fawcett","year":"2018","unstructured":"Fawcett L, Scott-Hayward S, Broadbent M, Wright A, Race N (2018) TENNISON: a distributed SDN framework for scalable network security. IEEE J Sel Areas Commun 36(12):2805\u20132818","journal-title":"IEEE J Sel Areas Commun"},{"key":"26_CR11","unstructured":"Fayaz SK, Tobioka Y, Sekar V, Bailey M (2015) Bohatei: flexible and elastic DDoS defense. In: 24th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security, 15), pp 817\u2013832"},{"issue":"6","key":"26_CR12","doi-asserted-by":"publisher","first-page":"1828","DOI":"10.1109\/TNET.2012.2194508","volume":"20","author":"J Fran\u00e7ois","year":"2012","unstructured":"Fran\u00e7ois J, Aib I, Boutaba R (2012) FireCol: a collaborative protection network for the detection of flooding DDoS attacks. IEEE\/ACM Trans Networking (TON) 20(6):1828\u20131841","journal-title":"IEEE\/ACM Trans Networking (TON)"},{"issue":"1","key":"26_CR13","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1016\/j.comnet.2011.08.015","volume":"56","author":"T Gamer","year":"2012","unstructured":"Gamer T (2012) Collaborative anomaly-based detection of large-scale internet attacks. Comput Netw 56(1):169\u2013185","journal-title":"Comput Netw"},{"key":"26_CR14","doi-asserted-by":"crossref","unstructured":"Garcia-Molina H (1982) Elections in a distributed computing system. IEEE Trans Comput C-31(1):48\u201359","DOI":"10.1109\/TC.1982.1675885"},{"key":"26_CR15","doi-asserted-by":"crossref","unstructured":"Genge B, Haller P (2016) A hierarchical control plane for software-defined networks-based industrial control systems. In: 2016 IFIP Networking Conference (IFIP Networking) and Workshops, pp 73\u201381","DOI":"10.1109\/IFIPNetworking.2016.7497208"},{"key":"26_CR16","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.jnca.2016.03.011","volume":"66","author":"PS Gianluigi Folino","year":"2016","unstructured":"Gianluigi Folino PS (2016) Ensemble based collaborative and distributed intrusion detection systems: a survey. J Netw Comput Appl 66:1\u201316","journal-title":"J Netw Comput Appl"},{"key":"26_CR17","doi-asserted-by":"crossref","unstructured":"Gowtham VN, Baratheraja RN, Jayabarathi G, Vetriselvi V (2018) Collaborative intrusion detection system in SDN using game theory","DOI":"10.1007\/978-981-10-6890-4_58"},{"key":"26_CR18","unstructured":"Gregg B. Linux enhanced BPF (eBPF) tracing tools. \n                  http:\/\/www.brendangree.com\/ebpf.html"},{"key":"26_CR19","doi-asserted-by":"publisher","first-page":"172","DOI":"10.1016\/j.comnet.2016.05.019","volume":"109","author":"T Ha","year":"2016","unstructured":"Ha T, Kim S, An N, Narantuya J, Jeong C, Kim J, Lim H (2016a) Suspicious traffic sampling for intrusion detection in software-defined networks. Comput Netw 109:172\u2013182","journal-title":"Comput Netw"},{"issue":"6","key":"26_CR20","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1109\/MNET.2016.1600106NM","volume":"30","author":"T Ha","year":"2016","unstructured":"Ha T, Yoon S, Risdianto AC, Kim J, Lim H (2016b) Suspicious flow forwarding for multiple intrusion detection systems on software-defined networks. IEEE Netw 30(6):22\u201327","journal-title":"IEEE Netw"},{"key":"26_CR21","doi-asserted-by":"crossref","unstructured":"Haddad ZA, Hanoune M, Mamouni A (2016) A collaborative framework for intrusion detection (C-NIDS) in cloud computing. In: 2016 2nd International Conference on Cloud Computing Technologies and Applications (CloudTech), pp 261\u2013265","DOI":"10.1109\/CloudTech.2016.7847708"},{"issue":"3","key":"26_CR22","doi-asserted-by":"publisher","first-page":"23","DOI":"10.3390\/fi10030023","volume":"10","author":"S Hameed","year":"2018","unstructured":"Hameed S, Ahmed Khan H (2018) SDN based collaborative scheme for mitigation of DDoS attacks. Futur Internet 10(3):23","journal-title":"Futur Internet"},{"key":"26_CR23","doi-asserted-by":"crossref","unstructured":"He B, Zou F, Wu Y (2018) Multi-SDN based cooperation scheme for DDOS attack defense. In: 2018 Third International Conference on Security of Smart Cities, Industrial Control System and Communications (SSIC)","DOI":"10.1109\/SSIC.2018.8556830"},{"issue":"23\u201324","key":"26_CR24","doi-asserted-by":"publisher","first-page":"2465","DOI":"10.1016\/S1389-1286(99)00114-0","volume":"31","author":"MY Huang","year":"1999","unstructured":"Huang MY, Jasper RJ, Wicks TM (1999) A large scale distributed intrusion detection framework based on attack strategy analysis. Comput Netw 31(23\u201324):2465\u20132475","journal-title":"Comput Netw"},{"key":"26_CR25","doi-asserted-by":"crossref","unstructured":"Kholidy HA, Baiardi F (2012) CIDS: a framework for intrusion detection in cloud systems. In: 2012 Ninth International Conference on Information Technology\u2014New Generations","DOI":"10.1109\/ITNG.2012.94"},{"key":"26_CR26","doi-asserted-by":"crossref","unstructured":"Kholidy HA, Erradi A, Abdelwahed S, Baiardi F (2013) HA-CIDS: a hierarchical and autonomous ids for cloud systems. In: 2013 Fifth International Conference on Computational Intelligence, Communication Systems and Networks","DOI":"10.1109\/CICSYN.2013.9"},{"key":"26_CR27","unstructured":"Koulouris T, Casassa\u00a0Mont M, Arnell S (2017) SDN4S: software defined networking for security. \n                  https:\/\/www.hpl.external.hp.com\/techreports\/2017\/HPE-2017-07.pdf"},{"key":"26_CR28","doi-asserted-by":"crossref","unstructured":"Lee S, Kim J, Shin S, Porras P, Yegneswaran V (2017) Athena: a framework for scalable anomaly detection in software-defined networks. In: 2017 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp 249\u2013260. IEEE","DOI":"10.1109\/DSN.2017.42"},{"key":"26_CR29","doi-asserted-by":"crossref","unstructured":"Moustafa N, Creech G, Sitnikova E, Keshk M (2017) Collaborative anomaly detection framework for handling big data of cloud computing. In: 2017 Military Communications and Information Systems Conference (MilCIS), pp 1\u20136","DOI":"10.1109\/MilCIS.2017.8190421"},{"key":"26_CR30","doi-asserted-by":"crossref","unstructured":"Popescu DA, Antichi G, Moore AW (2017) Enabling fast hierarchical heavy hitter detection using programmable data planes. In: Proceedings of the Symposium on SDN Research, SOSR \u201917, pp 191\u2013192. ACM","DOI":"10.1145\/3050220.3060606"},{"key":"26_CR31","doi-asserted-by":"crossref","unstructured":"Rashidi B, Fung C (2016) CoFence: a collaborative DDoS defence using network function virtualization. In: 2016 12th International Conference on Network and Service Management (CNSM), pp 160\u2013166. IEEE","DOI":"10.1109\/CNSM.2016.7818412"},{"issue":"1","key":"26_CR32","doi-asserted-by":"publisher","first-page":"623","DOI":"10.1109\/COMST.2015.2453114","volume":"18","author":"S Scott-Hayward","year":"2016","unstructured":"Scott-Hayward S, Natarajan S, Sezer S (2016) A survey of security in software defined networks. IEEE Commun Surv Tutorials 18(1):623\u2013654","journal-title":"IEEE Commun Surv Tutorials"},{"key":"26_CR33","doi-asserted-by":"crossref","unstructured":"Shah R, Vutukuru M, Kulkarni P (2017) Devolve-redeem: hierarchical SDN controllers with adaptive offloading. In: APNet","DOI":"10.1145\/3106989.3107001"},{"key":"26_CR34","doi-asserted-by":"crossref","unstructured":"Shah R, Vutukuru M, Kulkarni P (2018) Cuttlefish: hierarchical SDN controllers with adaptive offload. In: 2018 IEEE 26th International Conference on Network Protocols (ICNP), pp 198\u2013208","DOI":"10.1109\/ICNP.2018.00029"},{"key":"26_CR35","doi-asserted-by":"publisher","unstructured":"Shanmugam PK, Subramanyam ND, Breen J, Roach C, der Merwe JV (2014) DEIDtect: towards distributed elastic intrusion detection. In: Proceedings of the ACM SIGCOMM Workshop on Distributed Cloud Computing (DCC). \n                  https:\/\/doi.org\/10.1145\/2627566.2627579","DOI":"10.1145\/2627566.2627579"},{"issue":"4","key":"26_CR36","first-page":"699","volume":"18","author":"D Singh","year":"2016","unstructured":"Singh D, Patel D, Borisaniya B, Modi C (2016) Collaborative IDS framework for cloud. Int J Netw Secur 18(4):699\u2013709","journal-title":"Int J Netw Secur"},{"key":"26_CR37","doi-asserted-by":"crossref","unstructured":"Singh K, Singh A (2018) Memcached DDoS exploits: operations, vulnerabilities, preventions and mitigations. In: 2018 IEEE 3rd International Conference on Computing, Communication and Security (ICCCS), pp 171\u2013179","DOI":"10.1109\/CCCS.2018.8586810"},{"key":"26_CR38","doi-asserted-by":"crossref","unstructured":"Sivaraman V, Narayana S, Rottenstreich O, Muthukrishnan S, Rexford J (2017) Heavy-hitter detection entirely in the data plane. In: Proceedings of the Symposium on SDN Research, SOSR \u201917, pp 164\u2013176. ACM","DOI":"10.1145\/3050220.3063772"},{"key":"26_CR39","unstructured":"Snapp SR (1992) The DIDS (distributed intrusion detection system) prototype. In: Summer USENIX Conference, San Antonio, Texas, pp 227\u2013233. USENIX Association"},{"issue":"3","key":"26_CR40","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1109\/MCC.2014.53","volume":"1","author":"Z Tan","year":"2014","unstructured":"Tan Z, Nagar UT, He X, Nanda P, Liu RP, Wang S, Hu J (2014) Enhancing big data security with collaborative intrusion detection. IEEE Cloud Comput 1(3):27\u201333","journal-title":"IEEE Cloud Comput"},{"key":"26_CR41","doi-asserted-by":"crossref","unstructured":"Tariq MA, Koldehofe B, Bhowmik S, Rothermel K (2014) PLEROMA: a SDN-based high performance publish\/subscribe middleware","DOI":"10.1145\/2663165.2663338"},{"key":"26_CR42","doi-asserted-by":"publisher","first-page":"3959","DOI":"10.1109\/JSYST.2018.2798060","volume":"12","author":"PW Tsai","year":"2018","unstructured":"Tsai PW, Tsai CW, Hsu CW, Yang CS (2018) Network monitoring in software-defined networking: a review. IEEE Syst J 12:3959\u20133969","journal-title":"IEEE Syst J"},{"issue":"1","key":"26_CR43","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2886100","volume":"16","author":"K Wang","year":"2016","unstructured":"Wang K, Du M, Yang D, Zhu C, Shen J, Zhang Y (2016) Game-theory-based active defense for intrusion detection in cyber-physical embedded systems. ACM Trans Embed Comput Syst 16(1):1\u201321","journal-title":"ACM Trans Embed Comput Syst"},{"key":"26_CR44","unstructured":"Wu YS, Foo B, Mei Y, Bagchi S (2003) Collaborative intrusion detection system (CIDS): a framework for accurate and efficient ids. In: 19th Annual Computer Security Applications Conference, 2003. Proceedings, pp 234\u2013244. IEEE"},{"key":"26_CR45","doi-asserted-by":"crossref","unstructured":"Xing J, Zhou H, Shen J, Zhu K, Wangt Y, Wu C, Ruan W (2018) AsIDPS: auto-scaling intrusion detection and prevention system for cloud. In: 2018 25th International Conference on Telecommunications (ICT), pp 207\u2013212. IEEE","DOI":"10.1109\/ICT.2018.8464855"},{"key":"26_CR46","doi-asserted-by":"crossref","unstructured":"Xing T, Xiong Z, Huang D, Medhi D (2014) SDNIPS: enabling software-defined networking based intrusion prevention system in clouds. In: 10th International Conference on Network and Service Management (CNSM) and Workshop, pp 308\u2013311. IEEE","DOI":"10.1109\/CNSM.2014.7014181"},{"key":"26_CR47","unstructured":"Yu M, Jose L, Miao R (2013) Software defined traffic measurement with opensketch. In: Proceedings of the 10th USENIX Conference on Networked Systems Design and Implementation, pp 29\u201342. USENIX Association"},{"key":"26_CR48","doi-asserted-by":"crossref","unstructured":"Yu T, Fayaz SK, Collins M, Sekar V, Seshan S (2017) PSI: precise security instrumentation for enterprise networks. In: Proceedings of NDSS","DOI":"10.14722\/ndss.2017.23200"},{"key":"26_CR49","unstructured":"Zhang K, Jacobsen HA (2013) SDN-like: the next generation of pub\/sub. arXiv preprint \n                  arXiv:1308.0056"},{"key":"26_CR50","doi-asserted-by":"crossref","unstructured":"Zhu Q, Fung C, Boutaba R, Basar T (2009) A game-theoretical approach to incentive design in collaborative intrusion detection networks. In: 2009 International Conference on Game Theory for Networks, pp 384\u2013392","DOI":"10.1109\/GAMENETS.2009.5137424"}],"container-title":["Computer Communications and Networks","Guide to Disaster-Resilient Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-44685-7_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,7,22]],"date-time":"2020-07-22T23:29:37Z","timestamp":1595460577000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-44685-7_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030446840","9783030446857"],"references-count":50,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-44685-7_26","relation":{},"ISSN":["1617-7975","2197-8433"],"issn-type":[{"type":"print","value":"1617-7975"},{"type":"electronic","value":"2197-8433"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"23 July 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}