DocumentCode :
709433
Title :
Scaling the performance of network intrusion detection with many-core processors
Author :
Jaehyun Nam ; Jamshed, Muhammad ; Byungkwon Choi ; Dongsu Han ; KyoungSoo Park
Author_Institution :
Grad. Sch. of Inf. Security, Korea Adv. Inst. of Sci. & Technol., Daejeon, South Korea
fYear :
2015
fDate :
7-8 May 2015
Firstpage :
191
Lastpage :
192
Abstract :
In this work, we present a highly scalable network intrusion detection system on many-core processors. To maximize the NIDS performance, we take advantage of the underlying hardware and adhere to four design principles: shared-nothing architecture, computation offloading, lightweight data structure, and flow offloading. Through the experimental results, we find that our design choices can significantly improve the NIDS performance (79 Gbps with 1514B synthetic packets). We believe that our design decisions can be easily extended to other many-core processors and programmable NICs.
Keywords :
data structures; multiprocessing systems; security of data; NIDS performance; flow offloading; lightweight data structure; many-core processors; network intrusion detection; programmable NIC; shared-nothing architecture; Data structures; Engines; Hardware; Intrusion detection; Pattern matching; Program processors; many-core; network intrusion detection system; of-floading; parallel;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Architectures for Networking and Communications Systems (ANCS), 2015 ACM/IEEE Symposium on
Conference_Location :
Oakland, CA
Type :
conf
DOI :
10.1109/ANCS.2015.7110135
Filename :
7110135
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=709433
بازگشت