A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Filters
A Novel Header Matching Algorithm For Intrusion Detection Systems
2011
International journal of network security and its applications
Preserved Fulltext
We proposed a new parallelized matching algorithm for intrusion detection system called distributed packet header matching algorithm (DPHM). ...
With the rapid evolution of the Internet and its applications, the current used network intrusion detection systems (NIDS) are becoming inefficient because of the amount of the traffic that needs to be ...
Acknowledgment The authors would like to thank Al-Zaytoonah University of Jordan for supporting this study. ...
doi:10.5121/ijnsa.2011.3406
fatcat:si6hx7jxwncf3mlhky7viyktqi
Data De-duplication and Event Processing for Security Applications on an Embedded Processor
2012
2012 IEEE 31st Symposium on Reliable Distributed Systems
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Intel Core 2 Duo processor, the positive results obtained make a case for using the Atom processor in networked applications employing mobile devices. ...
An example is corporate networks employing intrusion detection systems where there is a deluge of alert data, confounding the computations involved in sensor information fusion and alert correlation. ...
In corporate networks such cyber events are generated by deploying intrusion detection and intrusion prevention (IDS/IPS) systems. ...
doi:10.1109/srds.2012.18
dblp:conf/srds/NagarajaiahUG12
fatcat:sblekvn56vazxmmdrxdor462ca
Using Cell Processors for Intrusion Detection through Regular Expression Matching with Speculation
2011
2011 International Conference on Complex, Intelligent, and Software Intensive Systems
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The main purpose of network intrusion detection systems is to determine whether incoming network traffic matches known attack signatures. ...
The main weakness with existing signature matching algorithms is that they are essentially serial operations and it is hard for them to keep up with the growing network speed. ...
Systems, Project CNCSIS-IDEI ID: 1710. ...
doi:10.1109/cisis.2011.38
dblp:conf/cisis/RaduLCL11
fatcat:f5uvohvclzaddnww6mezlp3xvy
Multi-Core Architecture on FPGA for Large Dictionary String Matching
2009
2009 17th IEEE Symposium on Field Programmable Custom Computing Machines
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Several design optimization techniques are utilized to realize a simple design with high clock rate for the string matching engine. ...
In this paper, we propose a multi-core architecture on FPGA to address these challenges. We adopt the popular Aho-Corasick (AC-opt) algorithm for our string matching engine. ...
Yang, Weirong Jiang, Danko Krajisnik and Ju-wook Jang for helpful discussions and comments on an early draft of the paper. ...
doi:10.1109/fccm.2009.43
dblp:conf/fccm/WangP09
fatcat:ko7ny5h2vzfgxbwk6vbktzqjtm
Network intrusion detection using hardware techniques: A review
2016
2016 IEEE Long Island Systems, Applications and Technology Conference (LISAT)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
This paper reviews and compares hardware based techniques that are commonly used in intrusion detection systems with a special emphasis on modern hardware platforms such as FPGA, GPU, many-core processors ...
Our approach to classify modern hardware-based Intrusion Detection System (IDS) techniques is based on the detection approach. ...
HARDWARE TECHNIQUES FOR STRING AND PATTERN
MATCHING String and pattern matching-based techniques are commonly used in network based intrusion detection systems in which the attack patterns are modeled ...
doi:10.1109/lisat.2016.7494100
fatcat:z2a5na5margvvhybu7qpy4yaqm
Haetae: Scaling the Performance of Network Intrusion Detection with Many-Core Processors
[chapter]
2015
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Our system outperforms the best-known GPU-based NIDS by 2.4 times and the best-performing MCP-based system by 1.7 times. ...
This dynamic flow offloading utilizes all processing power on a given system regardless of processor types. ...
Acknowledgments We thank anonymous reviewers of RAID 2015 for their insightful comments on our paper. ...
doi:10.1007/978-3-319-26362-5_5
fatcat:efehbvvshjaxlchmi5z72usseu
An architecture for exploiting multi-core processors to parallelize network intrusion prevention
2009
Concurrency and Computation
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
Taking advantage of the full power of multi-core processors for network intrusion prevention requires an in-depth approach. ...
fast string-matching. ...
Yet taking advantage of the full power of multi-core processors for network intrusion prevention requires an in-depth approach. ...
doi:10.1002/cpe.1422
fatcat:7yq5tk4n2neenmtbpr5jnkeatq
An architecture for exploiting multi-core processors to parallelize network intrusion prevention
2007
2007 IEEE Sarnoff Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
Taking advantage of the full power of multi-core processors for network intrusion prevention requires an in-depth approach. ...
fast string-matching. ...
Yet taking advantage of the full power of multi-core processors for network intrusion prevention requires an in-depth approach. ...
doi:10.1109/sarnof.2007.4567341
fatcat:5e3n2zwfbbdrjkpnvcwloxsa6m
A New Platform NIDS Based On WEMA
2015
International Journal of Information Technology and Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Abstract─ The increasing speed of today's computer networks directly affects the performance of Network Intrusion Detection Systems (NIDS) in terms of speed of detection of threads. ...
Hence, this paper defines a new platform NIDS to enhance the speed of detection engine based on Weighted Exact Matching Algorithm (WEMA). ...
ACKNOWLEDGEMENT I would like to thank Al-zaytoonah University of Jordan for supporting this research paper. ...
doi:10.5815/ijitcs.2015.06.07
fatcat:bnhinttztrcypgisiietll2uae
Regular Expression Matching on Graphics Hardware for Intrusion Detection
[chapter]
2009
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The expressive power of regular expressions has been often exploited in network intrusion detection systems, virus scanners, and spam filtering applications. ...
We demonstrate the feasibility of GPU regular expression matching by implementing it in the popular Snort intrusion detection system, which results to a 60% increase in the packet processing throughput ...
We believe that building such "clusters" of GPUs will enable intrusion detection systems to inspect multi-Gigabit network traffic using commodity hardware. ...
doi:10.1007/978-3-642-04342-0_14
fatcat:tltn2m5vijf2xkb2b2zrws74ke
MIDeA
2011
Proceedings of the 18th ACM conference on Computer and communications security - CCS '11
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
In this paper, we present a multi-parallel intrusion detection architecture tailored for high speed networks. ...
Network intrusion detection systems are faced with the challenge of identifying diverse attacks, in extremely high speed networks. ...
INTRODUCTION Network intrusion detection systems (NIDS) are commonly classified into anomaly-based and signature-based systems. ...
doi:10.1145/2046707.2046741
dblp:conf/ccs/VasiliadisPI11
fatcat:3ru3c7yct5bjblslqk3334kzwu
COMPARISON OF SOFTWARE AND HARDWARE BASED INTRUSION PREVENTION SYSTEMS
2021
International journal of 3d printing technologies and digital industry
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
(IPS-A and IPS-B) and one hardware-based, closed-source Intrusion Prevention System (IPS-C). ...
Although the hardware-based IPS-C is an optimized appliance to put a minimum load on the processor, the detection/alarm figures are at very low levels. ...
its multi-threading and multi-core support. ...
doi:10.46519/ij3dptdi.954996
fatcat:flszqsr2gzb5zkvi46w425wxdy
Pattern matching of signature-based IDS using Myers algorithm under MapReduce framework
2017
EURASIP Journal on Information Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Intrusion detection systems (IDSs) play a crucial role in discovering suspicious activities and also in preventing their harmful impact. ...
This research intends to accelerate the pattern matching operation through parallelizing a matching algorithm on a multi-core CPU. ...
Based on the detection methodology, intrusion detection systems can be classified into two groups: signature-based IDS and anomaly-based IDS. ...
doi:10.1186/s13635-017-0062-7
fatcat:nmpetehk2jgyvdmkwcshhy4b2u
IP routing processing with graphic processors
2010
2010 Design, Automation & Test in Europe Conference & Exhibition (DATE 2010)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
For the deep packet inspection application, we implemented both a Bloom-filter based string matching algorithm and a finite automata based regular expression matching algorithm. ...
As a first step toward exploring the architecture of a GPU based software router, we developed GPU solutions for a series of core IP routing applications such as IP routing table lookup and pattern match ...
For the network intrusion problem, we have implemented both a Bloom-filter based string matching algorithm and an Aho-Corisick [23] styled regular expressing matching algorithm. ...
doi:10.1109/date.2010.5457229
dblp:conf/date/MuZZLDZ10
fatcat:lptjskmrzbddxirs4ighke3oqe
Code Generation for Packet Header Intrusion Analysis on the IXP1200 Network Processor
[chapter]
2003
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2005; you can also visit the original URL.
The file type is application/pdf.
We present a software architecture that enables the use of the IXP1200 network processor in packet header analysis for network intrusion detection. ...
The proposed work consists of a simple and efficient run-time infrastructure for managing network processor resources, along with the S2I compiler, a tool that generates efficient C code from highlevel ...
Network Intrusion Detection Systems improve security for organizations by monitoring in real time the traffic that crosses the border of their networks. ...
doi:10.1007/978-3-540-39920-9_16
fatcat:6bygchnifbca7ntfbofeeroy6a
« Previous
Showing results 1 — 15 out of 964 results