A fast string searching algorithm
Communications of the ACM
Efficient string matching: an aid to bibliographic search
Communications of the ACM
A String Matching Algorithm Fast on the Average
Proceedings of the 6th Colloquium, on Automata, Languages and Programming
Stateful Intrusion Detection for High-Speed Networks
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Time and area efficient pattern matching on FPGAs
FPGA '04 Proceedings of the 2004 ACM/SIGDA 12th international symposium on Field programmable gate arrays
Generating realistic workloads for network intrusion detection systems
WOSP '04 Proceedings of the 4th international workshop on Software and performance
Gigabit Rate Packet Pattern-Matching Using TCAM
ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Fast Regular Expression Matching Using FPGAs
FCCM '01 Proceedings of the the 9th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
SPANIDS: a scalable network intrusion detection loadbalancer
Proceedings of the 2nd conference on Computing frontiers
A Framework for Rule Processing in Reconfigurable Network Systems
FCCM '05 Proceedings of the 13th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Fast and scalable pattern matching for content filtering
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Bit-split string-matching engines for intrusion detection and prevention
ACM Transactions on Architecture and Code Optimization (TACO)
Offloading IDS Computation to the GPU
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Bro: a system for detecting network intruders in real-time
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Cryptographics: secret key cryptography using graphics cards
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Towards software-based signature detection for intrusion prevention on the network card
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
SafeCard: a gigabit IPS on the network card
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Massive threading: Using GPUs to increase the performance of digital forensics tools
Digital Investigation: The International Journal of Digital Forensics & Incident Response
A Hybrid Parallel Signature Matching Model for Network Security Applications Using SIMD GPU
APPT '09 Proceedings of the 8th International Symposium on Advanced Parallel Processing Technologies
Regular Expression Matching on Graphics Hardware for Intrusion Detection
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
PacketShader: a GPU-accelerated software router
Proceedings of the ACM SIGCOMM 2010 conference
IP routing processing with graphic processors
Proceedings of the Conference on Design, Automation and Test in Europe
iNFAnt: NFA pattern matching on GPGPU devices
ACM SIGCOMM Computer Communication Review
Improving NFA-based signature matching using ordered binary decision diagrams
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
GrAVity: a massively parallel antivirus engine
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Parallel packet classification using GPU co-processors
SAICSIT '10 Proceedings of the 2010 Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists
Enhancing Intrusion Detection System with proximity information
International Journal of Security and Networks
On distributed intrusion detection systems design for high speed networks
ISPACT'10 Proceedings of the 9th WSEAS international conference on Advances in e-activities, information security and privacy
Experiences with string matching on the fermi architecture
ARCS'11 Proceedings of the 24th international conference on Architecture of computing systems
Efficient distributed signature analysis
AIMS'11 Proceedings of the 5th international conference on Autonomous infrastructure, management, and security: managing the dynamics of networks and services
Fast, memory-efficient regular expression matching with NFA-OBDDs
Computer Networks: The International Journal of Computer and Telecommunications Networking
MIDeA: a multi-parallel intrusion detection architecture
Proceedings of the 18th ACM conference on Computer and communications security
GPU-based NFA implementation for memory efficient high speed regular expression matching
Proceedings of the 17th ACM SIGPLAN symposium on Principles and Practice of Parallel Programming
Indices of power in optimal IDS default configuration: theory and examples
GameSec'11 Proceedings of the Second international conference on Decision and Game Theory for Security
Classifying execution times in parallel computing systems: a classical hypothesis testing approach
CIARP'11 Proceedings of the 16th Iberoamerican Congress conference on Progress in Pattern Recognition, Image Analysis, Computer Vision, and Applications
GPUstore: harnessing GPU computing for storage systems in the OS kernel
Proceedings of the 5th Annual International Systems and Storage Conference
Kargus: a highly-scalable software-based intrusion detection system
Proceedings of the 2012 ACM conference on Computer and communications security
A highly-efficient memory-compression approach for GPU-Accelerated virus signature matching
ISC'12 Proceedings of the 15th international conference on Information Security
Editorial: Recent developments in high performance computing and security: An editorial
Future Generation Computer Systems
Review: Intrusion detection system: A comprehensive review
Journal of Network and Computer Applications
Re-examining the performance bottleneck in a NIDS with detailed profiling
Journal of Network and Computer Applications
Scalanytics: a declarative multi-core platform for scalable composable traffic analytics
Proceedings of the 22nd international symposium on High-performance parallel and distributed computing
Wire speed name lookup: a GPU-based approach
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Proceedings of the ACM International Conference on Computing Frontiers
Indexing million of packets per second using GPUs
Proceedings of the 2013 conference on Internet measurement conference
The Journal of Supercomputing
Towards a GPU accelerated virtual machine for massively parallel packet classification and filtering
Proceedings of the South African Institute for Computer Scientists and Information Technologists Conference
Fast and flexible: parallel packet processing with GPUs and click
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
A regular expression matching engine with hybrid memories
Computer Standards & Interfaces
Hi-index | 0.00 |
The constant increase in link speeds and number of threats poses challenges to network intrusion detection systems (NIDS), which must cope with higher traffic throughput and perform even more complex per-packet processing. In this paper, we present an intrusion detection system based on the Snort open-source NIDS that exploits the underutilized computational power of modern graphics cards to offload the costly pattern matching operations from the CPU, and thus increase the overall processing throughput. Our prototype system, called Gnort, achieved a maximum traffic processing throughput of 2.3 Gbit/s using synthetic network traces, while when monitoring real traffic using a commodity Ethernet interface, it outperformed unmodified Snort by a factor of two. The results suggest that modern graphics cards can be used effectively to speed up intrusion detection systems, as well as other systems that involve pattern matching operations.