Fast and scalable layer four switching
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Efficient string matching: an aid to bibliographic search
Communications of the ACM
Stateful Intrusion Detection for High-Speed Networks
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Optimizing Packet Capture on Symmetric Multiprocessing Machines
SBAC-PAD '03 Proceedings of the 15th Symposium on Computer Architecture and High Performance Computing
Behavioral Authentication of Server Flows
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Introducing scalability in network measurement: toward 10 Gbps with commodity hardware
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Algorithms to accelerate multiple regular expressions matching for deep packet inspection
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
The shunt: an FPGA-based accelerator for network intrusion prevention
Proceedings of the 2007 ACM/SIGDA 15th international symposium on Field programmable gate arrays
Dynamic application-layer protocol analysis for network intrusion detection
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Bro: a system for detecting network intruders in real-time
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A high-performance network monitoring platform for intrusion detection
ICOIN'05 Proceedings of the 2005 international conference on Information Networking: convergence in broadband and mobile networking
Improving the performance of signature-based network intrusion detection sensors by multi-threading
WISA'04 Proceedings of the 5th international conference on Information Security Applications
High speed network traffic analysis with commodity multi-core systems
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
A high-performance and scalable multi-core aware software solution for network monitoring
The Journal of Supercomputing
Task optimization based on CPU pipeline technique in a multicore system
Computers & Mathematics with Applications
| Hi-index | 0.00 |
This paper proposes a high-performance network monitoring software architecture. The proposed architecture, named DashNMon, is able to employ multi-core CPUs in an efficient and scalable manner. Multi-core awareness is a distinguished property of this architecture. In spite of most existing cluster-based solutions, DashNMon can be used with common-off-the-shelf (COTS) multi-core CPUs. DashNMon is based on DashCap high-performance packet capture and transmission software solution, which we have recently introduced. Using the proposed architecture, it is possible to design and implement high-performance multi-threaded NIDSs or application-layer firewalls, completely in the user space and with better utilization of computational resources of multi-processor/multi-core systems. In this paper, after a brief overview of DashCap, we introduce the scalable software architecture of DashNMon and the results of the experiments carried out using a prototype web filter to benchmark its performance and scalability.