Approximate Packet Classification and Stateful Rule DFA for Cloud Intrusion Detection

This paper propose a new intrusion detection system architecture, which can be used by cloud intrusion detection. Our new architecture uses the inaccurate hashing to obtain a fast packet inspection and applies a new stateful rule DFA to track session inspection process. After a preliminary analysis, the new architecture should be feasible in the real application.

[1]  T. N. Vijaykumar,et al.  EffiCuts: optimizing packet classification for memory and throughput , 2010, SIGCOMM '10.

[2]  T. V. Lakshman,et al.  High-speed policy-based packet forwarding using efficient multi-dimensional range matching , 1998, SIGCOMM '98.

[3]  Jonathan S. Turner,et al.  Scalable packet classification using distributed crossproducing of field labels , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[4]  Jonathan S. Turner,et al.  Packet classification using extended TCAMs , 2003, 11th IEEE International Conference on Network Protocols, 2003. Proceedings..

[5]  Alfred V. Aho,et al.  Efficient string matching , 1975, Commun. ACM.

[6]  Bing Chen,et al.  A Timesaving Recursive Flow Packet Classification Algorithm , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[7]  George Varghese,et al.  Packet classification using multidimensional cutting , 2003, SIGCOMM '03.

[8]  Edward W. Spitznagel Compressed Data Structures for Recursive Flow Classification , 2003 .

[9]  Zheng Chen,et al.  Scalable packet classification using interpreting: a cross-platform multi-core solution , 2008, PPoPP.

[10]  Pankaj Gupta,et al.  Packet Classification using Hierarchical Intelligent Cuttings , 1999 .

[11]  Xiangyang Gong,et al.  ERFC: an enhanced recursive flow classification algorithm , 2010 .

[12]  George Varghese,et al.  Scalable packet classification , 2001, SIGCOMM '01.

[13]  Saewoong Bahk,et al.  FRFC: Fast Table Building Algorithm for Recursive Flow Classification , 2010, IEEE Communications Letters.

[14]  David E. Taylor Survey and taxonomy of packet classification techniques , 2005, CSUR.

[15]  George Varghese,et al.  Fast and scalable layer four switching , 1998, SIGCOMM '98.

[16]  Zai-lan Li,et al.  MIT-LCS-TM-637 Scalable Packet Classification Using Bit Vector Aggregating and Folding , 2002 .

[17]  Xinan Tang,et al.  High-performance packet classification algorithm for many-core and multithreaded network processor , 2006, CASES '06.

[18]  George Varghese,et al.  Scalable packet classification , 2001, SIGCOMM 2001.

[19]  Nick McKeown,et al.  Packet classification on multiple fields , 1999, SIGCOMM '99.