Modularized network intrusion detection system

A network intrusion detection and modular technology, applied in transmission systems, digital transmission systems, data exchange networks, etc., can solve problems such as large memory consumption, adding applications to the system, and limiting the scope of system applications, achieving easy configuration and reducing memory consumption. , the effect of enhancing the versatility

Inactive Publication Date: 2010-04-28
TSINGHUA UNIV
View PDF3 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the former does not implement memory sharing among multi-threads, which makes the memory consumption of multi-threading run too large, which lim

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Modularized network intrusion detection system
  • Modularized network intrusion detection system
  • Modularized network intrusion detection system

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0021] The specific embodiments of the present invention will be described in further detail below in conjunction with the drawings and embodiments. The following examples are used to illustrate the present invention, but not to limit the scope of the present invention.

[0022] Such as figure 2 As shown, the system according to the embodiment of the present invention includes:

[0023] Data source module, which is used for packet acquisition and encoding analysis (respectively equivalent to the packet acquisition module and encoding analysis module in the existing NIDS system). Specifically, it integrates data acquisition, data analysis, stream management, and IP fragment reorganization , TCP stream reorganization and other functions;

[0024] The shunt module is used to complete the scheduling of the network packets from the code analysis module, manage the scheduling of the network packet buffer queue, and distribute the network packets to the detection module through the networ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a modularized network intrusion detection system, which comprises a data source module for packet acquisition and encoding analysis, a shunt module for dispatching network packets from an encoding resolution module and distributing the network packets to each detection submodule in a detection module, and the detection module for detecting whether the network packets contain an attack or not, wherein the detection module adopts multiple threads and comprises one or more detection submodules; and the data source module and the shunt module uses one thread. In the technical scheme of the modularized network intrusion detection system, an independently-designed data acquisition and distribution/detection modularized architecture facilitates the realization of the function of a specific module by using hardware; the processing capacity of a multi-core processor can be fully used, the performance can be increased linearly with the number of cores of the processor, and multiple detection modules can be loaded dynamically so that configuration can be performed according to different hardware conditions; and simultaneously, memory consumption is reduced greatly and the commonality of the system is reinforced.

Description

technical field [0001] The invention relates to the technical field of network filtering and monitoring, in particular to a modularized network intrusion detection system. Background technique [0002] Network Intrusion Detection System (NIDS) is a network security system that monitors malicious or harmful behaviors in network or system activities and issues alarms. It intercepts data packets in the network (hereinafter referred to as network packets) through bypass or online, and analyzes its content, and gives an alarm or intercepts the network packets containing attacks, so as to realize the function of intrusion detection / defense. Due to the complex functions of NIDS, it is generally realized by software and runs inside the firewall or security gateway system. [0003] In recent years, the industry has increasingly higher requirements on the throughput of network devices. As the performance bottleneck of the security gateway, NIDS requires a large amount of computing po...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/56H04L29/06
Inventor 陈新明薛一波李军
Owner TSINGHUA UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap