Deep Packet Inspection Time-Aware Load Balancer on Many-Core Processors for Fast Intrusion Detection
نویسندگان
چکیده
منابع مشابه
A Survey on Deep Packet Inspection for Intrusion Detection Systems
Deep packet inspection is widely recognized as a powerful way which is used for intrusion detection systems for inspecting, deterring and deflecting malicious attacks over the network. Fundamentally, almost intrusion detection systems have the ability to search through packets and identify contents that match with known attacks. In this paper, we survey the deep packet inspection implementation...
متن کاملParallel Packet Processing on Multi-core and Many- core Processors
The Service-oriented Router (SoR), a highly functional router based on a novel router architecture, enables unprecedented web services traditional routers were unable to provide. The SoR performs Deep Packet Inspection (DPI) to analyze Layer 7 information, which is becoming increasingly difficult due to the substantial increase in Internet traffic. Meanwhile, multi-core processors and general-p...
متن کاملHaetae: Scaling the Performance of Network Intrusion Detection with Many-Core Processors
In this paper, we present the design and implementation of Haetae, a high-performance Suricata-based NIDS on many-core processors (MCPs). Haetae achieves high performance with three design choices. First, Haetae extensively exploits high parallelism by launching NIDS engines that independently analyze the incoming flows at high speed as much as possible. Second, Haetae fully leverages programma...
متن کاملElastic Deep Packet Inspection
Deep packet inspection (DPI) systems are required to perform at or near network line-rate speeds, matching thousands of rules against the network traffi c. The engineering performance and price trade-offs are such that DPI is diffi cult to virtualize, either because of very high memory consumption or the use of custom hardware; similarly, a running DPI instance is diffi cult to ‘move’ cheaply t...
متن کاملFast Content-Based Packet Handling for Intrusion Detection
It is becoming increasingly common for network devices to handle packets based on the contents of packet payloads. Example applications include intrusion detection, firewalls, web proxies, and layer seven switches. This paper analyzes the problem of intrusion detection and its reliance on fast string matching in packets. We show that the problem can be restructured to allow the use of more effi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEIE Transactions on Smart Processing and Computing
سال: 2016
ISSN: 2287-5255
DOI: 10.5573/ieiespc.2016.5.3.169