Reference : Scalable High-Performance Parallel Design for Network Intrusion Detection Systems on ...
Scientific congresses and symposiums : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/2268/167807
Scalable High-Performance Parallel Design for Network Intrusion Detection Systems on Many-Core Processors
English
Jiang, Hayang [Chinese Academy of Sciences - CAS > Institute of Computing Technology - ICT > > >]
Xie, Gaogang [Chinese Academy of Sciences - CAS > Institute of Computing Technology - ICT > > >]
Salamatian, Kavé [Université de Savoie > > > >]
Mathy, Laurent mailto [Université de Liège - ULg > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Systèmes informatiques répartis et sécurité >]
2013
Proceedings of ANCS 2013
Yes
International
978-1-4799-1640-5
ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS)
2013
[en] Network Intrusion Detection Systems (NIDSes) face significant challenges coming from the relentless network link speed growth and increasing complexity of threats. Both hardware accelerated and parallel software-based NIDS solutions, based on commodity multi-core and GPU processors, have been proposed to overcome these challenges. Network Intrusion Detection Systems (NIDSes) face significant challenges coming from the relentless network link speed growth and increasing complexity of threats. Both hardware accelerated and parallel software-based NIDS solutions, based on commodity multi-core and GPU processors, have been proposed to overcome these challenges. This work explores new parallel opportunities afforded by many-core processors for high performance, scalable and inexpensive NIDS. We exploit the huge many-core computational power by adopting a hybrid parallel architecture combining data and pipeline parallelism. We also design a hybrid load balancing scheme, using both ruleset and flow space partitioning. Furthermore, the proposed design leverages particular features of the processor to break the bottlenecks. We have integrated the open source NIDS Suricata into our proposed design and evaluated its performance with synthetic traffic. The prototype exhibits almost linear speedup and can handle up to 7.2 Gbps traffic with 100-bytes packets.
http://hdl.handle.net/2268/167807
10.1109/ANCS.2013.6665196

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
06665196.pdfPublisher postprint710.6 kBView/Open

Bookmark and Share SFX Query

All documents in ORBi are protected by a user license.