Carousel: Scalable Logging for Intrusion Prevention Systems

14 years 1 months ago

Download www.eecs.harvard.edu

We address the problem of collecting unique items in a large stream of information in the context of Intrusion Prevention Systems (IPSs). IPSs detect attacks at gigabit speeds and must log infected source IP addresses for remediation or forensics. An attack with millions of infected sources can result in hundreds of millions of log records when counting duplicates. If logging speeds are much slower than packet arrival rates and memory in the IPS is limited, scalable logging is a technical challenge. After showing that na

Vinh The Lam, Michael Mitzenmacher, George Varghes

Real-time Traffic

Computer Networks | Infected Source Ip | Infected Sources | IPSs Detect Attacks | NSDI 2010 |

claim paper

Post Info
More Details (n/a)

Added	29 Oct 2010
Updated	29 Oct 2010
Type	Conference
Year	2010
Where	NSDI
Authors	Vinh The Lam, Michael Mitzenmacher, George Varghese

Comments (0)

Sciweavers

Carousel: Scalable Logging for Intrusion Prevention Systems

Computer Networks | Infected Source Ip | Infected Sources | IPSs Detect Attacks | NSDI 2010 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers