Publication Details

Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks

KUČERA Jan, KEKELY Lukáš, PUŠ Viktor, PIECEK Adam and KOŘENEK Jan. Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks. In: Proceedings of the 2018 Symposium on Architectures for Networking and Communications Systems. Ithaca, NY: Association for Computing Machinery, 2018, pp. 177-178. ISBN 978-1-4503-5902-3.
Czech title
Hardwarová akcelerace systémů IDS pro vysokorychlostní počítačové sítě
Type
conference paper
Language
english
Authors
Kučera Jan, Ing. (CESNET)
Kekely Lukáš, Ing. (CESNET)
Puš Viktor, Ing. (NETCOPE)
Piecek Adam, Ing. (FIT BUT)
Kořenek Jan, doc. Ing., Ph.D. (DCSY FIT BUT)
Keywords

Suricata IDS, high-speed networks, hardware acceleration

Abstract

Intrusion Detection Systems (IDS) are among popular technologies for securing computer networks. However, their high computational complexity makes it hard to meet performance goals of modern high-speed networks. This paper aims at an acceleration of IDS by informed packet discarding. Focusing the limited computational resources available to IDS towards only the most relevant parts of incoming traffic and offloading (bypassing) the rest. We show that this controlled (informed) discarding of well-defined traffic portions helps IDS to achieve better results and compare software and FPGA accelerated discarding implementations.

Published
2018
Pages
177-178
Proceedings
Proceedings of the 2018 Symposium on Architectures for Networking and Communications Systems
Conference
14th ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS '18), Ithaca, NY, US
ISBN
978-1-4503-5902-3
Publisher
Association for Computing Machinery
Place
Ithaca, NY, US
DOI
UT WoS
000474465600026
BibTeX
@INPROCEEDINGS{FITPUB11796,
   author = "Jan Ku\v{c}era and Luk\'{a}\v{s} Kekely and Viktor Pu\v{s} and Adam Piecek and Jan Ko\v{r}enek",
   title = "Hardware Acceleration of Intrusion Detection Systems for High-Speed Networks",
   pages = "177--178",
   booktitle = "Proceedings of the 2018 Symposium on Architectures for Networking and Communications Systems",
   year = 2018,
   location = "Ithaca, NY, US",
   publisher = "Association for Computing Machinery",
   ISBN = "978-1-4503-5902-3",
   doi = "10.1145/3230718.3232114",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/11796"
}
Back to top