Towards software-based signature detection for intrusion prevention on the network card

被引:0
|
作者
Bos, H
Huang, KM
机构
[1] Vrije Univ Amsterdam, NL-1081 HV Amsterdam, Netherlands
[2] Xiamen Univ, Xiamen 361005, Peoples R China
来源
RECENT ADVANCES IN INTRUSION DETECTION | 2006年 / 3858卷
关键词
distributed firewall; network processors;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
CardGuard is a signature detection system for intrusion detection and prevention that scans the entire payload of packets for suspicious patterns and is implemented in software on a network card equiped with an Intel IXP1200 network processor. One card can be used to protect either a single host, or a small group of machines connected to a switch. CardGuard is non-intrusive in the sense that no cycles of the host CPUs are used for intrusion detection and the system operates at Fast Ethernet link rate. TCP flows are first reconstructed before they are scanned with the Aho-Corasick algorithm.
引用
收藏
页码:102 / 123
页数:22
相关论文
共 50 条
  • [41] An Integrated Approach to Network Intrusion Detection and Prevention
    Prakash, B. Bhanu
    Yeswanth, Kaki
    Srinivas, M. Sai
    Balaji, S.
    Sekhar, Y. Chandra
    Nair, Aswathy K.
    INVENTIVE COMMUNICATION AND COMPUTATIONAL TECHNOLOGIES, ICICCT 2019, 2020, 89 : 43 - 51
  • [42] Towards An Attack Signature Generation Framework for Intrusion Detection Systems
    Shahriar, Hossain
    Bond, William
    2017 IEEE 15TH INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, 15TH INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, 3RD INTL CONF ON BIG DATA INTELLIGENCE AND COMPUTING AND CYBER SCIENCE AND TECHNOLOGY CONGRESS(DASC/PICOM/DATACOM/CYBERSCI, 2017, : 597 - 603
  • [43] Toward a Software-Based Network: Integrating Software Defined Networking and Network Function Virtualization
    Wood, Timothy
    Ramakrishnan, K. K.
    Hwang, Jinho
    Liu, Grace
    Zhang, Wei
    IEEE NETWORK, 2015, 29 (03): : 36 - 41
  • [44] The Impact of Software-based Virtual Network in the Public Cloud
    Lee, Chunghan
    Asano, Katsuhito
    Ishihara, Tomohiro
    2018 4TH IEEE CONFERENCE ON NETWORK SOFTWARIZATION AND WORKSHOPS (NETSOFT), 2018, : 494 - 499
  • [45] Applying hardware-based machine learning to signature-based network intrusion detection
    Payer, Garrett
    McCormick, Chris
    Harang, Richard
    CYBER SENSING 2014, 2014, 9097
  • [46] Applying hardware-based machine learning to signature-based network intrusion detection
    Payer, Garrett
    McCormick, Chris
    Harang, Richard
    MACHINE INTELLIGENCE AND BIO-INSPIRED COMPUTATION: THEORY AND APPLICATIONS VIII, 2014, 9119
  • [47] A Comparison of Neural-Network-Based Intrusion Detection against Signature-Based Detection in IoT Networks
    Schroetter, Max
    Niemann, Andreas
    Schnor, Bettina
    INFORMATION, 2024, 15 (03)
  • [48] Evaluation of an adaptive genetic-based signature extraction system for network intrusion detection
    Kamran Shafi
    Hussein A. Abbass
    Pattern Analysis and Applications, 2013, 16 : 549 - 566
  • [49] Improving Resources Management in Network Virtualization by Utilizing a Software-Based Network
    Amir Javadpour
    Wireless Personal Communications, 2019, 106 : 505 - 519
  • [50] Evaluation of an adaptive genetic-based signature extraction system for network intrusion detection
    Shafi, Kamran
    Abbass, Hussein A.
    PATTERN ANALYSIS AND APPLICATIONS, 2013, 16 (04) : 549 - 566
12345