Shunting: a hardware/software architecture for flexible, high-performance network intrusion prevention

14 years 5 months ago

Download www.icir.org

Stateful, in-depth, inline trafﬁc analysis for intrusion detection and prevention is growing increasingly more difﬁcult as the data rates of modern networks rise. Yet it remains the case that in many environments, much of the trafﬁc comprising a high-volume stream can, after some initial analysis, be qualiﬁed as of “likely uninteresting.” We present a combined hardware/software architecture, Shunting, that provides a lightweight mechanism for an intrusion prevention system (IPS) to take advantage of the “heavy-tailed” nature of network trafﬁc to ofﬂoad work from software to hardware.

José M. González, Vern Paxson, Nicho

Real-time Traffic

CCS 2007 | Inline Trafﬁc Analysis | Intrusion Detection | Modern Networks | Security Privacy |

claim paper

Post Info
More Details (n/a)

Added	07 Jun 2010
Updated	07 Jun 2010
Type	Conference
Year	2007
Where	CCS
Authors	José M. González, Vern Paxson, Nicholas Weaver

Comments (0)

Sciweavers

Shunting: a hardware/software architecture for flexible, high-performance network intrusion prevention

CCS 2007 | Inline Trafﬁc Analysis | Intrusion Detection | Modern Networks | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers