Towards software-based signature detection for intrusion prevention on the network card

被引:0
|
作者
Bos, H
Huang, KM
机构
[1] Vrije Univ Amsterdam, NL-1081 HV Amsterdam, Netherlands
[2] Xiamen Univ, Xiamen 361005, Peoples R China
来源
RECENT ADVANCES IN INTRUSION DETECTION | 2006年 / 3858卷
关键词
distributed firewall; network processors;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
CardGuard is a signature detection system for intrusion detection and prevention that scans the entire payload of packets for suspicious patterns and is implemented in software on a network card equiped with an Intel IXP1200 network processor. One card can be used to protect either a single host, or a small group of machines connected to a switch. CardGuard is non-intrusive in the sense that no cycles of the host CPUs are used for intrusion detection and the system operates at Fast Ethernet link rate. TCP flows are first reconstructed before they are scanned with the Aho-Corasick algorithm.
引用
收藏
页码:102 / 123
页数:22
相关论文
共 50 条
  • [1] Software-based packet classification in network intrusion detection system using network processor
    Salim, Robin
    Rao, G. S. V. Radha Krishna
    TENCON 2006 - 2006 IEEE REGION 10 CONFERENCE, VOLS 1-4, 2006, : 1612 - +
  • [2] On the Reliability of Wireless Sensors with Software-based Attestation for Intrusion Detection
    Chen, Ing-Ray
    Wang, Ding-Chau
    2009 10TH INTERNATIONAL SYMPOSIUM ON PERVASIVE SYSTEMS, ALGORITHMS, AND NETWORKS (ISPAN 2009), 2009, : 184 - +
  • [3] μIPS: Software-Based Intrusion Prevention for Bare-Metal Embedded Systems
    Degani, Luca
    Salehi, Majid
    Martinelli, Fabio
    Crispo, Bruno
    COMPUTER SECURITY - ESORICS 2023, PT IV, 2024, 14347 : 311 - 331
  • [4] Component-based Software Architecture Design for Network Intrusion Detection and Prevention System
    Han, Jianchao
    Beheshti, Mohsen
    Kowalski, Kazimierz
    Ortiz, Joel
    Tomelden, Johnly
    PROCEEDINGS OF THE 2009 SIXTH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: NEW GENERATIONS, VOLS 1-3, 2009, : 248 - 253
  • [5] Software-based failure detection and recovery in programmable network interfaces
    Zhou, Yizheng
    Lakamraju, Vijay
    Koren, Israel
    Krishna, C. Mani
    IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, 2007, 18 (11) : 1539 - 1550
  • [6] A software-based ATM interface card and its evaluation
    Takabatake, Y
    Hashimoto, M
    Tsujita, T
    Takeda, J
    Shobatake, Y
    IEICE TRANSACTIONS ON COMMUNICATIONS, 1997, E80B (01) : 127 - 134
  • [7] Flexible Network-based Intrusion Detection and Prevention System on Software-defined Networks
    An Le
    Phuong Dinh
    Hoa Le
    Ngoc Cuong Tran
    2015 INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING AND APPLICATIONS (ACOMP), 2015, : 106 - 111
  • [8] NIDS: A network based approach to intrusion detection and prevention
    Ahmed, Martuza
    Pal, Rima
    Hossain, Md. Mojammel
    Bikas, Md. Abu Naser
    Hasan, Md. Khalad
    IACSIT-SC 2009: INTERNATIONAL ASSOCIATION OF COMPUTER SCIENCE AND INFORMATION TECHNOLOGY - SPRING CONFERENCE, 2009, : 141 - 144
  • [9] CBSigIDS: Towards Collaborative Blockchained Signature-based Intrusion Detection
    Tug, Steven
    Meng, Weizhi
    Wang, Yu
    IEEE 2018 INTERNATIONAL CONGRESS ON CYBERMATICS / 2018 IEEE CONFERENCES ON INTERNET OF THINGS, GREEN COMPUTING AND COMMUNICATIONS, CYBER, PHYSICAL AND SOCIAL COMPUTING, SMART DATA, BLOCKCHAIN, COMPUTER AND INFORMATION TECHNOLOGY, 2018, : 1228 - 1235
  • [10] Software-Based Remote Network Attestation
    Kumar, Seema
    Eugster, Patrick
    Santini, Silvia
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2022, 19 (05) : 2920 - 2933
12345