TY - GEN
T1 - Towards an Efficient Intrusion Detection System for High Speed Networks
AU - Qadeer, Hassan
AU - Talat, Ammad
AU - Qureshi, Kashif Naseer
AU - Bashir, Faisal
AU - Ul Islam, Najam
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/1
Y1 - 2020/1
N2 - Network security and network monitoring are becoming a major concern over high-speed computer networks. During the last decades, network bandwidth has evolved enormously to fulfill the needs of a larger number of users, who want to communicate through an unsecured internet. With the increase in network bandwidth, the probability of network intrusions and attacks are also increased. Consequently, network security is one of the major threats. Among several other solutions, Intrusion Detection System (IDS) is an efficient technique to monitor the Ethernet traffic. In this regard, an efficient multicore design has been proposed for network monitoring using an existing IDS i.e., SNORT. The proposed design constitutes a total of 16 numbers of cores to process Ethernet traffic efficiently. Furthermore, the proposed design achieves an efficient packet capturing using PF-ring with network load balancing based on IP hash load balancing. Based on the aforementioned settings, network monitoring can be improved with 'N' times where N is the number of used CPU cores.
AB - Network security and network monitoring are becoming a major concern over high-speed computer networks. During the last decades, network bandwidth has evolved enormously to fulfill the needs of a larger number of users, who want to communicate through an unsecured internet. With the increase in network bandwidth, the probability of network intrusions and attacks are also increased. Consequently, network security is one of the major threats. Among several other solutions, Intrusion Detection System (IDS) is an efficient technique to monitor the Ethernet traffic. In this regard, an efficient multicore design has been proposed for network monitoring using an existing IDS i.e., SNORT. The proposed design constitutes a total of 16 numbers of cores to process Ethernet traffic efficiently. Furthermore, the proposed design achieves an efficient packet capturing using PF-ring with network load balancing based on IP hash load balancing. Based on the aforementioned settings, network monitoring can be improved with 'N' times where N is the number of used CPU cores.
KW - High Speed
KW - Intrusion Detection System
KW - Multicore
KW - Multiprocessing
KW - Network
KW - Network Security
UR - http://www.scopus.com/inward/record.url?scp=85085491033&partnerID=8YFLogxK
U2 - 10.1109/IBCAST47879.2020.9044607
DO - 10.1109/IBCAST47879.2020.9044607
M3 - Conference contribution
AN - SCOPUS:85085491033
T3 - Proceedings of 2020 17th International Bhurban Conference on Applied Sciences and Technology, IBCAST 2020
SP - 428
EP - 433
BT - Proceedings of 2020 17th International Bhurban Conference on Applied Sciences and Technology, IBCAST 2020
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 17th International Bhurban Conference on Applied Sciences and Technology, IBCAST 2020
Y2 - 14 January 2020 through 18 January 2020
ER -