Detail publikace

Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks

KUČERA, J. KEKELY, L. PUŠ, V. PIECEK, A. KOŘENEK, J.

Originální název

Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks

Typ

článek ve sborníku ve WoS nebo Scopus

Jazyk

angličtina

Originální abstrakt

Intrusion Detection Systems (IDS) are among popular technologies for securing computer networks. However, their high computational complexity makes it hard to meet performance goals of modern high-speed networks. This paper aims at an acceleration of IDS by informed packet discarding. Focusing the limited computational resources available to IDS towards only the most relevant parts of incoming traffic and offloading (bypassing) the rest. We show that this controlled (informed) discarding of well-defined traffic portions helps IDS to achieve better results and compare software and FPGA accelerated discarding implementations.

Klíčová slova

Suricata IDS, high-speed networks, hardware acceleration

Autoři

KUČERA, J.; KEKELY, L.; PUŠ, V.; PIECEK, A.; KOŘENEK, J.

Vydáno

6. 8. 2018

Nakladatel

Association for Computing Machinery

Místo

Ithaca, NY

ISBN

978-1-4503-5902-3

Kniha

Proceedings of the 2018 Symposium on Architectures for Networking and Communications Systems

Strany od

177

Strany do

178

Strany počet

2

URL

https://www.fit.vut.cz/research/publication/11796/

BibTex

@inproceedings{BUT155038,
  author="Jan {Kučera} and Lukáš {Kekely} and Viktor {Puš} and Adam {Piecek} and Jan {Kořenek}",
  title="Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks",
  booktitle="Proceedings of the 2018 Symposium on Architectures for Networking and Communications Systems",
  year="2018",
  pages="177--178",
  publisher="Association for Computing Machinery",
  address="Ithaca, NY",
  doi="10.1145/3230718.3232114",
  isbn="978-1-4503-5902-3",
  url="https://www.fit.vut.cz/research/publication/11796/"
}