On the self-similar nature of Ethernet traffic
SIGCOMM '93 Conference proceedings on Communications architectures, protocols and applications
Wide area traffic: the failure of Poisson modeling
IEEE/ACM Transactions on Networking (TON)
High-speed networks: TCP/IP and ATM design principles
High-speed networks: TCP/IP and ATM design principles
Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
The shunt: an FPGA-based accelerator for network intrusion prevention
Proceedings of the 2007 ACM/SIGDA 15th international symposium on Field programmable gate arrays
Building a time machine for efficient recording and retrieval of high-volume network traffic
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Proceedings of the 14th ACM conference on Computer and communications security
Packet capture in 10-gigabit Ethernet environments using contemporary commodity hardware
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Enhancing network intrusion detection with integrated sampling and filtering
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Understanding Internet traffic streams: dragonflies and tortoises
IEEE Communications Magazine
Overcoming performance collapse for 100Gbps cyber security
Proceedings of the first workshop on Changing landscapes in HPC security
Hi-index | 0.00 |
Driven by the growing data transfer needs of the scientific community and the standardization of the 100 Gbps Ethernet Specification, 100 Gbps is now becoming a reality for many HPC sites. This tenfold increase in bandwidth creates a number of significant technical challenges. We show that by using the heavy tail flow effect as a filter, it should be possible to perform active IDS analysis at this traffic rate using a cluster of commodity systems driven by a dedicated load balancing mechanism. Additionally, we examine the nature of current network traffic characteristics applying them to 100Gpbs speeds.