Přístupnostní navigace
E-application
Search Search Close
Publication detail
KUČERA, J. KEKELY, L. PUŠ, V. PIECEK, A. KOŘENEK, J.
Original Title
Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks
Type
conference paper
Language
English
Original Abstract
Intrusion Detection Systems (IDS) are among popular technologies for securing computer networks. However, their high computational complexity makes it hard to meet performance goals of modern high-speed networks. This paper aims at an acceleration of IDS by informed packet discarding. Focusing the limited computational resources available to IDS towards only the most relevant parts of incoming traffic and offloading (bypassing) the rest. We show that this controlled (informed) discarding of well-defined traffic portions helps IDS to achieve better results and compare software and FPGA accelerated discarding implementations.
Keywords
Suricata IDS, high-speed networks, hardware acceleration
Authors
KUČERA, J.; KEKELY, L.; PUŠ, V.; PIECEK, A.; KOŘENEK, J.
Released
6. 8. 2018
Publisher
Association for Computing Machinery
Location
Ithaca, NY
ISBN
978-1-4503-5902-3
Book
Proceedings of the 2018 Symposium on Architectures for Networking and Communications Systems
Pages from
177
Pages to
178
Pages count
2
URL
https://www.fit.vut.cz/research/publication/11796/
BibTex
@inproceedings{BUT155038, author="Jan {Kučera} and Lukáš {Kekely} and Viktor {Puš} and Adam {Piecek} and Jan {Kořenek}", title="Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks", booktitle="Proceedings of the 2018 Symposium on Architectures for Networking and Communications Systems", year="2018", pages="177--178", publisher="Association for Computing Machinery", address="Ithaca, NY", doi="10.1145/3230718.3232114", isbn="978-1-4503-5902-3", url="https://www.fit.vut.cz/research/publication/11796/" }
Documents
paper.pdf