Sciweavers

RAID
2005
Springer

Towards Software-Based Signature Detection for Intrusion Prevention on the Network Card

14 years 5 months ago
Towards Software-Based Signature Detection for Intrusion Prevention on the Network Card
Abstract. CardGuard is a signature detection system for intrusion detection and prevention that scans the entire payload of packets for suspicious patterns and is implemented in software on a network card equiped with an Intel IXP1200 network processor. One card can be used to protect either a single host, or a small group of machines connected to a switch. CardGuard is non-intrusive in the sense that no cycles of the host CPUs are used for intrusion detection and the system operates at Fast Ethernet link rate. TCP flows are first reconstructed before they are scanned with the Aho-Corasick algorithm. Key words:distributed firewall, network processors
Herbert Bos, Kaiming Huang
Added 28 Jun 2010
Updated 28 Jun 2010
Type Conference
Year 2005
Where RAID
Authors Herbert Bos, Kaiming Huang
Comments (0)