Title :
Embedded Network Intrusion Detection Systems with a Multi-core Aware Packet Capture Module
Author :
Hsu, Chia-Hao ; Wang, Sheng-De
Author_Institution :
Dept. of Electr. Eng., Nat. Taiwan Univ., Taipei, Taiwan
Abstract :
Network security has been a main concern in the Internet. To address this issue, network intrusion detection or prevention tools have become indispensable for system security. In this paper we first propose a multi-core aware packet capture module and integrated it with a network intrusion detection system (NIDS). We then analyze the performance of the NIDS under different packet capture libraries in high speed networks. The proposed multi-core aware packet capture module, called Flow Ring, can enhance the performance of NIDS to meet the speed requirements without packet loss. Together with the techniques for the configuration of an NIDS with respect to multi-core and IRQ affinity, the proposed approach can get the most effective performance.
Keywords :
Internet; embedded systems; multiprocessing systems; security of data; IRQ affinity; Internet; NIDS; embedded network intrusion detection system; flow ring; multicore aware packet capture module; network security; packet capture libraries; packet loss; High-speed networks; Kernel; Libraries; Linux; Multicore processing; Protocols; Sockets; Linux kernel; intrusion detection system; packet capture; ring buffers;
Conference_Titel :
Parallel Processing Workshops (ICPPW), 2011 40th International Conference on
Conference_Location :
Taipei City
Print_ISBN :
978-1-4577-1337-8
Electronic_ISBN :
1530-2016
DOI :
10.1109/ICPPW.2011.37
