Publication detail
Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks
KUČERA, J. KEKELY, L. PUŠ, V. PIECEK, A. KOŘENEK, J.
Original Title
Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks
Type
conference paper
Language
English
Original Abstract
Intrusion Detection Systems (IDS) are among popular technologiesfor securing computer networks. However, theirhigh computational complexity makes it hard to meet performancegoals of modern high-speed networks. This paperaims at an acceleration of IDS by informed packet discarding.Focusing the limited computational resources available toIDS towards only the most relevant parts of incoming trafficand offloading (bypassing) the rest. We show that this controlled(informed) discarding of well-defined traffic portionshelps IDS to achieve better results and compare software andFPGA accelerated discarding implementations.
Keywords
Suricata IDS, high-speed networks, hardware acceleration
Authors
KUČERA, J.; KEKELY, L.; PUŠ, V.; PIECEK, A.; KOŘENEK, J.
Released
6. 8. 2018
Publisher
Association for Computing Machinery
Location
Ithaca, NY
ISBN
978-1-4503-5902-3
Book
Proceedings of the 2018 Symposium on Architectures for Networking and Communications Systems
Pages from
177
Pages to
178
Pages count
2
URL
BibTex
@inproceedings{BUT155038,
author="Jan {Kučera} and Lukáš {Kekely} and Viktor {Puš} and Adam {Piecek} and Jan {Kořenek}",
title="Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks",
booktitle="Proceedings of the 2018 Symposium on Architectures for Networking and Communications Systems",
year="2018",
pages="177--178",
publisher="Association for Computing Machinery",
address="Ithaca, NY",
doi="10.1145/3230718.3232114",
isbn="978-1-4503-5902-3",
url="https://www.fit.vut.cz/research/publication/11796/"
}Documents