Method for improving IPS detection performance by adopting AMP architecture

A performance and data packet technology, applied in digital transmission systems, electrical components, transmission systems, etc., can solve the problems of powerless detection performance, insufficient flexibility and scalability, and inability to support functions, so as to reduce the number of data copies and improve processing Efficiency, the effect of reducing system calls

Inactive Publication Date: 2010-07-14
BEIJING TOPSEC TECH
View PDF0 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In recent years, the network processor (NP) has been widely used in the Gigabit environment, but the advantage of NP is mainly in the packet processing below the network layer, if the content processing will lead to performance degradation, the ASIC architecture IPS It uses specially designed ASIC chip logic for hardware acceleration processing, and obtains high processing capabilities by solidifying instructions or calculation logic into the chip, thereby significantly

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for improving IPS detection performance by adopting AMP architecture
  • Method for improving IPS detection performance by adopting AMP architecture
  • Method for improving IPS detection performance by adopting AMP architecture

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0020] Below, refer to the attached Figure 1~2 The method of the present invention for improving IPS detection performance by adopting the AMP architecture is described in detail.

[0021] The core idea of ​​the present invention is to develop a multi-core-based IPS system, which adopts the AMP architecture to make the network processing and IPS detection of data packets execute asynchronously, and allows multiple processors within the IPS detection process and network processing Parallel execution, so that multiple IPS detection processes are executed in parallel at any time, thereby fundamentally solving the performance bottleneck of the IPS system.

[0022] For multi-core processors, the CPU set (processor set) can be divided into Linux CPU set and NP (network processor) set according to specific requirements. The Linux CPU set is scheduled to execute the Linux operating system, and the IPS detection process runs on it; NP set It is scheduled to execute the network operating s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for improving IPS detection performance by adopting AMP architecture, which comprises the following steps: step A, a hardware layer receives network data packets, and the data packets are transferred to a network processor (NP) through a hardware shunting mechanism; step B, after the NP receives the data packets, network flow processing (comprising recombination of IP fragments, decoding and exchanging of the data packets and establishment and maintenance of connection) is carried out on the data packets, and the processed data packets are packed into IPS queues, wherein each IPS detection process corresponds to an IPS queue; step C, each IPS process waits for data on the IPS queue thereof, when the data exists on the IPS queue, feature detection is carried out on the data packets, and the detected data packets are injected into a network processing layer; and step D, the NP acquires the data packets which are transferred from each IPS process and are processed by IPS detection, and the subsequent processing is carried out according to detection results. The invention can improve IPS performance on a multi-core processor platform by utilizing the parallel processing technique.

Description

technical field [0001] The invention relates to the technical field of network security and networking, in particular to a method for improving IPS detection performance by adopting an AMP framework. Background technique [0002] Intrusion Prevention System (IPS), as a security product that is connected in series in the network and provides deep attack defense for the protected network, has been more and more widely used. However, with the advancement of network technology and the in-depth development of network applications in various industries, the performance of intrusion prevention systems is becoming more and more important in the detection process. Only when the performance of intrusion prevention detection is guaranteed, efficient analysis algorithms , a complete rule set, etc. may be useful. [0003] In view of the complexity of IPS features and the characteristics of real-time updates, IPS detection and feature filtering are generally implemented by software, but ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/56H04L29/06H04L12/811
Inventor 张宏君
Owner BEIJING TOPSEC TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap