Sciweavers

ANCS
2009
ACM
13 years 10 months ago
SPC-FA: synergic parallel compact finite automaton to accelerate multi-string matching with low memory
Deterministic Finite Automaton (DFA) is well-known for its constant matching speed in worst case, and widely used in multistring matching, which is a critical technique in high pe...
Junchen Jiang, Yi Tang, Bin Liu, Xiaofei Wang, Yan...
USS
2010
13 years 10 months ago
Building a Dynamic Reputation System for DNS
The Domain Name System (DNS) is an essential protocol used by both legitimate Internet applications and cyber attacks. For example, botnets rely on DNS to support agile command an...
Manos Antonakakis, Roberto Perdisci, David Dagon, ...
TNC
2004
120views Education» more  TNC 2004»
14 years 2 months ago
Realtime Intrusion-Forensics: A First Prototype Implementation (based on a stack-based NIDS)
The function of a Network Intrusion Detection System (NIDS) is to identify any misuse and abnormal behavior determined as an attack to a network segment or network host. The propo...
Udo Payer
ARC
2006
Springer
122views Hardware» more  ARC 2006»
14 years 4 months ago
UNITE: Uniform Hardware-Based Network Intrusion deTection Engine
Abstract. Current software implementations of network intrusion detection reach a maximum network connection speed of about 1Gbps (Gigabits per second). This paper analyses the Sno...
Sherif Yusuf, Wayne Luk, M. K. N. Szeto, William G...
EUC
2007
Springer
14 years 4 months ago
Parallel Network Intrusion Detection on Reconfigurable Platforms
With the wide adoption of internet into our everyday lives, internet security becomes an important issue. Intrusion detection at the network level is an effective way of stopping m...
Chun Xue, Zili Shao, Meilin Liu, Qingfeng Zhuge, E...
CCS
1999
ACM
14 years 4 months ago
A High-Performance Network Intrusion Detection System
In this paper we present a new approach for network intrusion detection based on concise specifications that characterize normal and abnormal network packet sequences. Our speci...
R. Sekar, Y. Guang, S. Verma, T. Shanbhag
FPL
2005
Springer
137views Hardware» more  FPL 2005»
14 years 6 months ago
Bitwise Optimised CAM for Network Intrusion Detection Systems
String pattern matching is a computationally expensive task, and when implemented in hardware, it can consume a large amount of resources for processing and storage. This paper pr...
Sherif Yusuf, Wayne Luk
IWIA
2006
IEEE
14 years 6 months ago
POSEIDON: a 2-tier Anomaly-based Network Intrusion Detection System
We present POSEIDON, a new anomaly-based network intrusion detection system. POSEIDON is payload-based, and has a two-tier architecture: the first stage consists of a Self-Organi...
Damiano Bolzoni, Sandro Etalle, Pieter H. Hartel, ...
DATE
2006
IEEE
140views Hardware» more  DATE 2006»
14 years 6 months ago
Optimization of regular expression pattern matching circuits on FPGA
Regular expressions are widely used in Network Intrusion Detection System (NIDS) to represent patterns of network attacks. Since traditional software-only NIDS cannot catch up to ...
Cheng-Hung Lin, Chih-Tsun Huang, Chang-Ping Jiang,...
IPPS
2007
IEEE
14 years 7 months ago
Design Alternatives for a High-Performance Self-Securing Ethernet Network Interface
This paper presents and evaluates a strategy for integrating the Snort network intrusion detection system into a high-performance programmable Ethernet network interface card (NIC...
Derek L. Schuff, Vijay S. Pai