High-performance Architecture of Network Intrusion Prevention Systems
Software-based Network Intrusion Prevention Systems have difficulty in handling high speed links. Network processor (NP) is an emerging field of programmable processors that are optimized to implement network data. In this paper, a novel Network Intrusion Prevention scheme is designed based on a het...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
European Alliance for Innovation (EAI)
2014-05-01
|
Series: | EAI Endorsed Transactions on Scalable Information Systems |
Subjects: | |
Online Access: | http://eudl.eu/doi/10.4108/sis.1.3.e3 |
id |
doaj-e1a8af27013b4be2a5d5773b6d8fb099 |
---|---|
record_format |
Article |
spelling |
doaj-e1a8af27013b4be2a5d5773b6d8fb0992020-11-25T02:43:59ZengEuropean Alliance for Innovation (EAI)EAI Endorsed Transactions on Scalable Information Systems2032-94072014-05-01131510.4108/sis.1.3.e3High-performance Architecture of Network Intrusion Prevention SystemsZhao Yueai0Hou Pengcheng1Wang Ling2Han Suqing3Department of Computer Science, Taiyuan Normal University, Taiyuan, P. R. ChinaDepartment of Computer Science, Taiyuan Normal University, Taiyuan, P. R. ChinaDepartment of Computer Science, Engineering College of Shanxi UniversityDepartment of Computer Science, Taiyuan Normal University, Taiyuan, P. R. ChinaSoftware-based Network Intrusion Prevention Systems have difficulty in handling high speed links. Network processor (NP) is an emerging field of programmable processors that are optimized to implement network data. In this paper, a novel Network Intrusion Prevention scheme is designed based on a heterogeneous multi-core processing architecture where its NP devices complement genera purpose multi-core processors to improve the performance of packet processing. We use Netronome’s network processor to process network traffic at the data link (Ethernet), network (IP), and transport/control layers. A set of network-based anomaly Intrusion Detection sensors is used in processing network traffic. Experimental results show our enhancements can reduce the processing load of the Intrusion Detection sensors. The load balancing by the protocol is better then other previous work.http://eudl.eu/doi/10.4108/sis.1.3.e3Network Intrusion PreventionNetwork Processorheterogeneous multi-core processing architectureanomaly detection. |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Zhao Yueai Hou Pengcheng Wang Ling Han Suqing |
spellingShingle |
Zhao Yueai Hou Pengcheng Wang Ling Han Suqing High-performance Architecture of Network Intrusion Prevention Systems EAI Endorsed Transactions on Scalable Information Systems Network Intrusion Prevention Network Processor heterogeneous multi-core processing architecture anomaly detection. |
author_facet |
Zhao Yueai Hou Pengcheng Wang Ling Han Suqing |
author_sort |
Zhao Yueai |
title |
High-performance Architecture of Network Intrusion Prevention Systems |
title_short |
High-performance Architecture of Network Intrusion Prevention Systems |
title_full |
High-performance Architecture of Network Intrusion Prevention Systems |
title_fullStr |
High-performance Architecture of Network Intrusion Prevention Systems |
title_full_unstemmed |
High-performance Architecture of Network Intrusion Prevention Systems |
title_sort |
high-performance architecture of network intrusion prevention systems |
publisher |
European Alliance for Innovation (EAI) |
series |
EAI Endorsed Transactions on Scalable Information Systems |
issn |
2032-9407 |
publishDate |
2014-05-01 |
description |
Software-based Network Intrusion Prevention Systems have difficulty in handling high speed links. Network processor (NP) is an emerging field of programmable processors that are optimized to implement network data. In this paper, a novel Network Intrusion Prevention scheme is designed based on a heterogeneous multi-core processing architecture where its NP devices complement genera purpose multi-core processors to improve the performance of packet processing. We use Netronome’s network processor to process network traffic at the data link (Ethernet), network (IP), and transport/control layers. A set of network-based anomaly Intrusion Detection sensors is used in processing network traffic. Experimental results show our enhancements can reduce the processing load of the Intrusion Detection sensors. The load balancing by the protocol is better then other previous work. |
topic |
Network Intrusion Prevention Network Processor heterogeneous multi-core processing architecture anomaly detection. |
url |
http://eudl.eu/doi/10.4108/sis.1.3.e3 |
work_keys_str_mv |
AT zhaoyueai highperformancearchitectureofnetworkintrusionpreventionsystems AT houpengcheng highperformancearchitectureofnetworkintrusionpreventionsystems AT wangling highperformancearchitectureofnetworkintrusionpreventionsystems AT hansuqing highperformancearchitectureofnetworkintrusionpreventionsystems |
_version_ |
1724768246821814272 |