The 1999 DARPA off-line intrusion detection evaluation
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Stateful Intrusion Detection for High-Speed Networks
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Fast Content-Based Packet Handling for Intrusion Detection
Fast Content-Based Packet Handling for Intrusion Detection
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
A scalable multi-core aware software architecture for high-performance network monitoring
Proceedings of the 2nd international conference on Security of information and networks
Parallelization of Snort on a multi-core platform
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Co-match: fast and efficient packet inspection for multiple flows
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
A high-performance and scalable multi-core aware software solution for network monitoring
The Journal of Supercomputing
Hi-index | 0.00 |
Signature-based Network Intrusion Detection System (NIDS) sensors match network packets against a pre-configured set of intrusion signatures. Current implementations of NIDS sensors employ only a single thread of execution and as a consequence benefit very little from multi-processor hardware platforms. A multi-threaded sensor would allow more efficient and scalable exploitation of these multi-processor machines. We present in detail a number of novel designs for a multi-threaded NIDS sensor and provide performance evaluation figures for a number of multi-threaded implementations of the popular open-source Snort system.