论文信息 - An Abstract Model for Intrusion Detection on Multi-Core Platform

An Abstract Model for Intrusion Detection on Multi-Core Platform

The processing speed of conventional network-based intrusion detection systems (NIDSs) is incompetent as to the rapid increase in network link speed. This problem imposes an emerging need for new detection technologies. In this paper, we introduce a multi-core technique which opens up another way for fast intrusion detection by proper workload partitioning and parallel detection on high-speed link. We present an abstract model of NIDS on multi-core platform and discuss the optimal solution when minimum memory occupation achieves. A preliminary example shows the model configuration and presents a first experimental evaluation.

Minglu Li | Yuan Luo | Chuliang Weng | Zhuojun Zhuang

[1] Evangelos P. Markatos,et al. Exclusion-based Signature Matching for Intrusion Detection , 2002 .

[2] Robert Tibshirani,et al. The Elements of Statistical Learning: Data Mining, Inference, and Prediction, 2nd Edition , 2001, Springer Series in Statistics.

[3] Peter Mell,et al. Intrusion Detection Systems , 2001 .

[4] Charles E. Kahn,et al. A common intrusion detection framework , 2000 .

[5] D. Ruppert. The Elements of Statistical Learning: Data Mining, Inference, and Prediction , 2004 .

[6] Feller William,et al. An Introduction To Probability Theory And Its Applications , 1950 .

[7] Alfred V. Aho,et al. Efficient string matching , 1975, Commun. ACM.