The traditional intrusion prevention system is the serially connected in the network environment, its ability to deal with the intrusion is limited and may cause network congestion easily. In order to solve the problems, an intrusion prevention scheme for cloud computing applications was designed based on Software Defined Network (SDN). Firstly, the SDN controller was integrated in the OpenStack platform. Then, by using the programmable characteristics of the controller, the linkage mechanism of intrusion detection and controller was designed to realize the intrusion prevention. The principle of the linkage mechanism is that the intrusion information is passed to the controller when the intrusion detection system detects the intrusion, then the security policy was issued to the virtual switch by the controller for filtering the intrusion traffic and dynamically preventing the intrusion. Finally, the proposed scheme was compared with the traditional intrusion prevention scheme in experiment. The comparison and analysis results show that, the proposed scheme can detect more than 90% of the instructions when they come at 40000 packets per second, while the traditional scheme only detect 85% of the instructions when they come at 12000 packets per second. The proposed scheme can be used to improve the detection efficiency of intrusion prevention in the cloud environment.

Aimming at the problem that the traditional physical layer security algorithm does not make full use of the channel,a new physical layer channel detection algorithm was proposed. In view of the essential properties of 4G wireless channel, combined with the hypothesis testing, Support Vector Machine (SVM) was used to analyse the metrics of channel vector to decide whether there are counterfeit attackers or not. Simulation experiments show that the accuracy of the proposed algorithm based on linear kernel is more than 98%, and the accuracy of the proposed algorithm based on Radial Basis Function (RBF) is more than 99%. The proposed algorithm can make full use of the wireless channel characteristics of different spatial locations to implement authenticaton of information source one by one, and hence enhances the security of the system.