会议论文详细信息
2019 2nd International Conference on Advanced Materials, Intelligent Manufacturing and Automation
Optimization of traditional Snort intrusion detection system
Zhang, Dongyan^1 ; Wang, Shuo^1
School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing
100083, China^1
关键词: Application layers;    Detection efficiency;    Intrusion Detection Systems;    Network applications;    Packet processing;    Real time traffics;    Spoofing attacks;    Typical application;   
Others  :  https://iopscience.iop.org/article/10.1088/1757-899X/569/4/042041/pdf
DOI  :  10.1088/1757-899X/569/4/042041
来源: IOP
PDF
【 摘 要 】

With the rapid development of the Internet, the following network security issues are increasingly prominent and the increasing number of network attacks has also attracted the attention of more professionals. Network attacks are generally divided into operation attack, spoofing attack, flooding attack, redirection and so on. In order to ensure the security of computer system, intrusion detection system is designed, and people pay more and more attention to it. Firewall as the first security gate to maintain network security, intrusion detection system is undoubtedly the second security gate after the firewall. Snort intrusion detection system is a typical application of intrusion detection system. In addition, Snort is a real-time traffic analysis system that can capture and analyze packets on the network according to defined rules. However, with the continuous increase of data volume and the emergence of big data, the pattern library of Snort intrusion detection system also expands correspondingly, leading to the decrease of detection efficiency. DPDK(Data Plane Development Kit) adopts polling method to realize data packet processing, which saves CPU interrupt time, memory copy time, and provides a simple and efficient data packet processing method to the application layer, making the development of network applications more convenient. How to improve the efficiency of Snort intrusion detection system with the advantage of DPDK's high-performance packet processing is the research focus of this paper.

【 预 览 】
附件列表
Files Size Format View
Optimization of traditional Snort intrusion detection system 251KB PDF download
  文献评价指标  
  下载次数:15次 浏览次数:31次