I. Introduction
In order to prevent computing devices in the organization from being compromised, firewall, intrusion detection system (IDS), and intrusion detection system (IPS) that can detect and block malicious files are essential. For the quick and flexible network management and maintenance in large organization networks, Software Defined Network (SDN) [1] should be utilized. While integrating SDN with IDS, the network administrators can deploy a flexible firewall system [2] [3]. In this integration, IDS will detect anomaly packets that may be attacks from the outsider and inform the SDN controller. Moreover, multiple IDS servers can be used for providing the load balance between IDS servers as well.