Gnort: High Performance Network Intrusion Detection Using Graphics Processors
作者: Michalis Polychronakis , Evangelos P. Markatos , Sotiris Ioannidis , Giorgos Vasiliadis , Spiros Antonatos
DOI: 10.1007/978-3-540-87403-4_7
关键词:
摘要: The constant increase in link speeds and number of threats poses challenges to network intrusion detection systems (NIDS), which must cope with higher traffic throughput perform even more complex per-packet processing. In this paper, we present an system based on the Snort open-source NIDS that exploits underutilized computational power modern graphics cards offload costly pattern matching operations from CPU, thus overall processing throughput. Our prototype system, called Gnort, achieved a maximum 2.3 Gbit/s using synthetic traces, while when monitoring real commodity Ethernet interface, it outperformed unmodified by factor two. results suggest can be used effectively speed up systems, as well other involve operations.
springer.com
forth.gr
sci-hub.se 参考文章(34)
Willem de Bruijn, Asia Slowinska, Kees van Reeuwijk, Tomas Hruby, Li Xu, Herbert Bos, SafeCard: A Gigabit IPS on the Network Card Lecture Notes in Computer Science. pp. 311- 330 ,(2006) , 10.1007/11856214_16
Udi Manber, Sun Wu, A FAST ALGORITHM FOR MULTI-PATTERN SEARCHING ,(1999)
Katsuhiro Watanabe, Nobuhiko Tsuruoka, Ryutaro Himeno, Performance of Network Intrusion Detection Cluster System ieee international conference on high performance computing data and analytics. pp. 278- 287 ,(2003) , 10.1007/978-3-540-39707-6_22
Vern Paxson, Bro: a system for detecting network intruders in real-time Computer Networks. ,vol. 31, pp. 2435- 2463 ,(1999) , 10.1016/S1389-1286(99)00112-7
Fang Yu, R.H. Katz, T.V. Lakshman, Gigabit rate packet pattern-matching using TCAM international conference on network protocols. pp. 174- 183 ,(2004) , 10.1109/ICNP.2004.1348108
Beate Commentz-Walter, A String Matching Algorithm Fast on the Average international colloquium on automata, languages and programming. pp. 118- 132 ,(1979) , 10.1007/3-540-09510-1_10
Mike Fisk, George Varghese, Applying Fast String Matching to Intrusion Detection Conference title not supplied, Conference location not supplied, Conference dates not supplied. ,(2002) , 10.21236/ADA406266
Martin Roesch, Snort - Lightweight Intrusion Detection for Networks usenix large installation systems administration conference. pp. 229- 238 ,(1999)
R. Sidhu, V.K. Prasanna, Fast Regular Expression Matching Using FPGAs field-programmable custom computing machines. pp. 227- 238 ,(2001) , 10.1109/FCCM.2001.22
Matthias Vallentin, Robin Sommer, Jason Lee, Craig Leres, Vern Paxson, Brian Tierney, The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware recent advances in intrusion detection. pp. 107- 126 ,(2007) , 10.1007/978-3-540-74320-0_6