High-performance Architecture of Network Intrusion Prevention Systems

High-performance Architecture of Network Intrusion Prevention Systems

Software-based Network Intrusion Prevention Systems have difficulty in handling high speed links. Network processor (NP) is an emerging field of programmable processors that are optimized to implement network data. In this paper, a novel Network Intrusion Prevention scheme is designed based on a het...

Full description

Bibliographic Details
Main Authors: Zhao Yueai, Hou Pengcheng, Wang Ling, Han Suqing
Format: Article
Language:English
Published: European Alliance for Innovation (EAI) 2014-05-01
Series:EAI Endorsed Transactions on Scalable Information Systems
Subjects:
Network Intrusion Prevention
Network Processor
heterogeneous multi-core processing architecture
anomaly detection.
Online Access:http://eudl.eu/doi/10.4108/sis.1.3.e3
id doaj-e1a8af27013b4be2a5d5773b6d8fb099
record_format Article
spelling doaj-e1a8af27013b4be2a5d5773b6d8fb0992020-11-25T02:43:59ZengEuropean Alliance for Innovation (EAI)EAI Endorsed Transactions on Scalable Information Systems2032-94072014-05-01131510.4108/sis.1.3.e3High-performance Architecture of Network Intrusion Prevention SystemsZhao Yueai0Hou Pengcheng1Wang Ling2Han Suqing3Department of Computer Science, Taiyuan Normal University, Taiyuan, P. R. ChinaDepartment of Computer Science, Taiyuan Normal University, Taiyuan, P. R. ChinaDepartment of Computer Science, Engineering College of Shanxi UniversityDepartment of Computer Science, Taiyuan Normal University, Taiyuan, P. R. ChinaSoftware-based Network Intrusion Prevention Systems have difficulty in handling high speed links. Network processor (NP) is an emerging field of programmable processors that are optimized to implement network data. In this paper, a novel Network Intrusion Prevention scheme is designed based on a heterogeneous multi-core processing architecture where its NP devices complement genera purpose multi-core processors to improve the performance of packet processing. We use Netronome’s network processor to process network traffic at the data link (Ethernet), network (IP), and transport/control layers. A set of network-based anomaly Intrusion Detection sensors is used in processing network traffic. Experimental results show our enhancements can reduce the processing load of the Intrusion Detection sensors. The load balancing by the protocol is better then other previous work.http://eudl.eu/doi/10.4108/sis.1.3.e3Network Intrusion PreventionNetwork Processorheterogeneous multi-core processing architectureanomaly detection.
collection DOAJ
language English
format Article
sources DOAJ
author Zhao Yueai
Hou Pengcheng
Wang Ling
Han Suqing
spellingShingle Zhao Yueai
Hou Pengcheng
Wang Ling
Han Suqing
High-performance Architecture of Network Intrusion Prevention Systems
EAI Endorsed Transactions on Scalable Information Systems
Network Intrusion Prevention
Network Processor
heterogeneous multi-core processing architecture
anomaly detection.
author_facet Zhao Yueai
Hou Pengcheng
Wang Ling
Han Suqing
author_sort Zhao Yueai
title High-performance Architecture of Network Intrusion Prevention Systems
title_short High-performance Architecture of Network Intrusion Prevention Systems
title_full High-performance Architecture of Network Intrusion Prevention Systems
title_fullStr High-performance Architecture of Network Intrusion Prevention Systems
title_full_unstemmed High-performance Architecture of Network Intrusion Prevention Systems
title_sort high-performance architecture of network intrusion prevention systems
publisher European Alliance for Innovation (EAI)
series EAI Endorsed Transactions on Scalable Information Systems
issn 2032-9407
publishDate 2014-05-01
description Software-based Network Intrusion Prevention Systems have difficulty in handling high speed links. Network processor (NP) is an emerging field of programmable processors that are optimized to implement network data. In this paper, a novel Network Intrusion Prevention scheme is designed based on a heterogeneous multi-core processing architecture where its NP devices complement genera purpose multi-core processors to improve the performance of packet processing. We use Netronome’s network processor to process network traffic at the data link (Ethernet), network (IP), and transport/control layers. A set of network-based anomaly Intrusion Detection sensors is used in processing network traffic. Experimental results show our enhancements can reduce the processing load of the Intrusion Detection sensors. The load balancing by the protocol is better then other previous work.
topic Network Intrusion Prevention
Network Processor
heterogeneous multi-core processing architecture
anomaly detection.
url http://eudl.eu/doi/10.4108/sis.1.3.e3
work_keys_str_mv AT zhaoyueai highperformancearchitectureofnetworkintrusionpreventionsystems
AT houpengcheng highperformancearchitectureofnetworkintrusionpreventionsystems
AT wangling highperformancearchitectureofnetworkintrusionpreventionsystems
AT hansuqing highperformancearchitectureofnetworkintrusionpreventionsystems
_version_ 1724768246821814272

Similar Items