A Survey on Parallel and Distributed Techniques for Improving the Performance of Signature-Based Network Intrusion Detection Systems

Organizations increasingly find it essential to protect their information, and they adopt several approaches to protect their valuable information and internal resources from unauthorized access. A Network Intrusion Detection System is one type of tool that computer security administrators may use to monitor the network and analyze whether any security breaches have occurred. To improve its performance and reduce the processing time of the traffic, current studies on network intrusion detection systems for high-speed networks focus on parallel and distributed techniques as an alternative. Researchers who are new to this specific topic have to spend a lot of time and effort bringing this work together. This paper reduces that burden to a certain extent. We discuss almost all the noticeable approaches proposed, and provide a survey of what other researchers have done in this area.
