Al-Dalky et al., 2014 - Google Patents
Accelerating snort NIDS using NetFPGA-based Bloom filter
- Document ID
- 13755706870311375793
- Author
- Al-Dalky R
- Salah K
- Otrok H
- Al-Qutayri M
- Publication year
- 2014
- Publication venue
- 2014 International Wireless Communications and Mobile Computing Conference (IWCMC)
Snippet
In recent years, network intrusion detection systems (NIDS) have faced a serious throughput challenge as a result of the rapid increase of network links to 1 and 10 Gbps rates. Consequently, this calls for NIDS to have wire-speed packet processing and real-time …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup or address filtering
- H04L45/7453—Address table lookup or address filtering using hashing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
- H04L43/026—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic regulation in packet switching networks
- H04L47/10—Flow control or congestion control
- H04L47/24—Flow control or congestion control depending on the type of traffic, e.g. priority or quality of service [QoS]
- H04L47/2441—Flow classification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Application independent communication protocol aspects or techniques in packet data networks
- H04L69/22—Header parsing or analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Application independent communication protocol aspects or techniques in packet data networks
- H04L69/12—Protocol engines, e.g. VLSIs or transputers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| Cheng et al. | Machine learning based low-rate DDoS attack detection for SDN enabled IoT networks | |
| Clark et al. | A hardware platform for network intrusion detection and prevention | |
| US7586851B2 (en) | Programmable packet parsing processor | |
| Hu et al. | Analysing performance issues of open-source intrusion detection systems in high-speed networks | |
| CN110753064A (en) | Machine learning and rule matching fused security detection system | |
| AU2010322819B2 (en) | Processing network traffic | |
| US8131841B2 (en) | Method and apparatus for detecting predefined signatures in packet payload | |
| Bakhtiar et al. | A lightweight IDS based on j48 algorithm for detecting DoS attacks on IoT middleware | |
| US10944724B2 (en) | Accelerating computer network policy search | |
| Al-Dalky et al. | Accelerating snort NIDS using NetFPGA-based Bloom filter | |
| CN116264520A (en) | Artificial intelligence supported network telemetry using data processing units | |
| Gray et al. | High performance network metadata extraction using P4 for ML-based intrusion detection systems | |
| Karimov et al. | Problems of increasing efficiency of NIDS by using implementing methods packet classifications on FPGA | |
| Chen et al. | Ac-suffix-tree: Buffer free string matching on out-of-sequence packets | |
| Gallo et al. | FENXI: Deep-learning Traffic Analytics at the edge | |
| Tharaka et al. | Runtime rule-reconfigurable high throughput NIPS on FPGA | |
| Al-Dalky et al. | Framework for a NetFPGA-based Snort NIDS | |
| Schuff et al. | Design alternatives for a high-performance self-securing ethernet network interface | |
| Shenoy et al. | Improving the performance efficiency of an ids by exploiting temporal locality in network traffic | |
| KR102285661B1 (en) | Appatus and method of load balancing in intrusion dectection system | |
| Wan et al. | Multi-core processors based network intrusion detection method | |
| Liu et al. | Fast and memory-efficient traffic classification with deep packet inspection in CMP architecture | |
| Navid et al. | Detection and mitigation of Denial of Service (DoS) attacks using performance aware Software Defined Networking (SDN) | |
| Ethilu et al. | Improving Performance and Efficiency of Software Defined Networking by Identifying Malicious Switches through Deep Learning Model | |
| Ren et al. | AntiWorm NPU-based parallel bloom filters for TCP/IP content processing in Giga-Ethernet LAN |