Intrusion detection systems (IDS) have become a key component in ensuring the safety of systems and networks. These systems enforce a security policy by inspecting arriving packets for known signatures (patterns). This process actually involves several tasks that collectively incur a significant delay. As network line speeds continue to increase, it is crucial that efficient scalable approaches, such as parallelization, are developed for IDS. In this paper we develop a framework which may be used to classify various approaches to parallelizing intrusion detection systems. Parallelization of IDS can occur at three general levels: node (entire system), component (specific task), and sub-component (function within a specific task). We categorize existing and proposed parallel solutions using our framework, discuss the advantages and disadvantages of each, and provide empirical evaluation of one form of parallelism. Additionally, we introduce the notion of functional parallelism for intrusion detection.