Sciweavers

ANCS
2009
ACM

SANS: a scalable architecture for network intrusion prevention with stateful frontend

13 years 9 months ago
SANS: a scalable architecture for network intrusion prevention with stateful frontend
Inline stateful and deep inspection for intrusion prevention is becoming more challenging due to the increase in both the volume of network traffic and the complexity of the analysis requirements. In this work, we pursue a novel architectural approach, named SANS, which takes both the advantage of new generation network processors for packet-header-based processing and the advantage of commodity x86 platforms for packet payload data processing. A session table scheme is designed for the stateful frontend in SANS to achieve wire speed inline processing. Categories and Subject Descriptors C.2.0 [Security and Protection] General Terms Security Keywords Stateful Inspection, Deep Inspection, Network Processors, Intrusion Prevention, Session Table.
Fei He, Yaxuan Qi, Yibo Xue, Jun Li
Added 16 Feb 2011
Updated 16 Feb 2011
Type Journal
Year 2009
Where ANCS
Authors Fei He, Yaxuan Qi, Yibo Xue, Jun Li
Comments (0)