Empirically derived analytic models of wide-area TCP connections
IEEE/ACM Transactions on Networking (TON)
httperf—a tool for measuring web server performance
ACM SIGMETRICS Performance Evaluation Review
Bro: a system for detecting network intruders in real-time
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Proceedings of the 14th ACM conference on Computer and communications security
The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
State of the Practice Reports
IGCC '11 Proceedings of the 2011 International Green Computing Conference and Workshops
Scalable Cyber-Security for Terabit Cloud Computing
SCC '12 Proceedings of the 2012 SC Companion: High Performance Computing, Networking Storage and Analysis
Hi-index | 0.00 |
In this paper, we present a series of performance tests carried out on R-Scope Dominate-T (RDT), a 1U network security appliance configured with four Tilera Gx-36 processors and with an aggregated network IO capacity of 160Gbps. RDT is optimized with several high-performance computing techniques. On the software side, RDT runs Linux and a modified version of Bro--the open source network security monitor developed by the International Computer Science Institute--optimized with (1) intelligent IDS-aware packet queuing, (2) Bro-programmable packet shunting, (3) zero-locking IPC data structures, and (4) layer-4 packet prioritization. On the hardware side, the system leverages a many-core architecture with (1) 144 cores servicing 16 x 10Gbps network interfaces, (2) an on-chip ASIC-assisted engine delivering packets directly to Bro at wire rates, and (3) core-programmable zero-overhead/zero-interrupt Linux. The objective of this work is to make a contribution towards maximizing the amount of cyber security intelligence that a system can detect per unit of cost, where cost includes the processing time, space, energy, and capital equipment expenses incurred to perform such detection.