Conservative vs. Optimistic Parallelization of Stateful Network Intrusion Detection

被引:3
|
作者
Schuff, Derek L. [1 ]
Choe, Yung Ryn [1 ]
Pai, Vijay S. [1 ]
机构
[1] Purdue Univ, W Lafayette, IN 47907 USA
来源
PROCEEDINGS OF THE 2007 ACM SIGPLAN SYMPOSIUM ON PRINCIPLES AND PRACTICE OF PARALLEL PROGRAMMING PPOPP'07 | 2007年
关键词
Snort; Parallelization;
D O I
10.1145/1229428.1229455
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
This paper presents two approaches to parallelizing the Snort network intrusion detection system (NIDS). One scheme parallelizes NIDS processing conservatively across independent network flows, while the other optimistically achieves intra-flow parallelism by exploiting the observation that certain intra-flow dependences are uncommon and may be ignored under certain circumstances. Both schemes achieve average speedup over 2 on four cores, with an average throughput over 1 Gbps on 5 traces tested.
引用
收藏
页码:138 / 139
页数:2
相关论文
共 50 条
  • [1] Conservative vs. optimistic parallelization of stateful network intrusion detection
    Schuff, Derek. L.
    Choe, Yung Ryn
    Pai, Vijay S.
    ISPASS 2008: IEEE INTERNATIONAL SYMPOSIUM ON PERFORMANCE ANALYSIS OF SYSTEMS AND SOFTWARE, 2008, : 32 - 43
  • [2] Implementation of a Stateful Network Protocol Intrusion Detection Systems
    Seng, S.
    Garcia-Alfaro, J.
    Laarouci, Y.
    SECRYPT : PROCEEDINGS OF THE 19TH INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2022, : 398 - 405
  • [3] Model redundancy vs. intrusion detection
    Li, ZW
    Das, A
    Emmanuel, S
    INFORMATION SECURITY PRACTICE AND EXPERIENCE, 2005, 3439 : 217 - 229
  • [4] The NIDS cluster: Scalable, stateful network intrusion detection on commodity hardware
    Vallentin, Matthias
    Sommer, Robin
    Lee, Jason
    Leres, Craig
    Paxson, Vern
    Tierney, Brian
    RECENT ADVANCES IN INTRUSION DETECTION, PROCEEDINGS, 2007, 4637 : 107 - +
  • [5] Parallelization of Network Intrusion Detection Systems under Attack Conditions
    Rietz, Rene
    Vogel, Michael
    Schuster, Franka
    Koenig, Hartmut
    DETECTION OF INTRUSIONS AND MALWARE, AND VULNERABILITY ASSESSMENT, DIMVA 2014, 2014, 8550 : 172 - 191
  • [6] M of N features vs. intrusion detection
    Li, ZW
    Das, A
    COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2005, PT 1, 2005, 3480 : 994 - 1003
  • [7] Work Balancing vs. Load Balancing for Network IDS Parallelization
    Doroud, Hossein
    Wiese, Tobias
    Erlacher, Felix
    Dressler, Falko
    2023 INTERNATIONAL WIRELESS COMMUNICATIONS AND MOBILE COMPUTING, IWCMC, 2023, : 488 - 493
  • [8] A stateful real time intrusion detection system for high-speed network
    Sourour, Meharouech
    Adel, Bouhoula
    Tarek, Abbes
    21st International Conference on Advanced Networking and Applications, Proceedings, 2007, : 404 - 411
  • [9] Conservative vs optimistic rationality in games: A revisitation
    Fotso, Alphonse Fodouop
    Pongou, Roland
    Tchantcho, Bertrand
    ECONOMICS LETTERS, 2017, 156 : 42 - 47
  • [10] Features vs. attacks: A comprehensive feature selection model for network based intrusion detection systems
    Onut, Iosif-Viorel
    Ghorbani, Ali A.
    INFORMATION SECURITY, PROCEEDINGS, 2007, 4779 : 19 - +
12345