High-performance Architecture of Network Intrusion Prevention Systems

Authors

DOI:

https://doi.org/10.4108/sis.1.3.e3

Keywords:

Network Intrusion Prevention, Network Processor, heterogeneous multi-core processing architecture, anomaly detection

Abstract

Software-based Network Intrusion Prevention Systems have difficulty in handling high speed links. Network processor (NP) is an emerging field of programmable processors that are optimized to implement network data. In this paper, a novel Network Intrusion Prevention scheme is designed based on a heterogeneous multi-core processing architecture where its NP devices complement genera purpose multi-core processors to improve the performance of packet processing. We use Netronome’s network processor to process network traffic at the data link (Ethernet), network (IP), and transport/control layers. A set of network-based anomaly Intrusion Detection sensors is used in processing network traffic. Experimental results show our enhancements can reduce the processing load of the Intrusion Detection sensors. The load balancing by the protocol is better then other previous work.

Downloads

Published

27-05-2014

How to Cite

1.
Yueai Z, Pengcheng H, Ling W, Suqing H. High-performance Architecture of Network Intrusion Prevention Systems. EAI Endorsed Scal Inf Syst [Internet]. 2014 May 27 [cited 2024 Nov. 13];1(3):e3. Available from: https://publications.eai.eu/index.php/sis/article/view/2315

Funding data