A method for kilomega NIDS parallel processing based on NP and BS

A technology for parallel processing and data packets, applied in digital transmission systems, electrical components, transmission systems, etc., can solve problems such as insufficient high-speed data flow processing capabilities, and achieve the effects of meeting requirements, improving performance, and improving detection rates

Inactive Publication Date: 2007-05-16
NANJING UNIV
View PDF0 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to propose a method for parallel processing of Gigabit NIDS based on NP and BS, aiming at the problem that the current network intrusion detection system is insufficient in processing high-speed data streams, utilizing the high-speed, high-speed processing of n

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for kilomega NIDS parallel processing based on NP and BS
  • A method for kilomega NIDS parallel processing based on NP and BS
  • A method for kilomega NIDS parallel processing based on NP and BS

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0013] Compared with Figure 1 (the solid line represents the data flow, and the dotted line represents the control flow), the network processor receives all the data packets to be detected through the mirror port, and uses its data packet forwarding module to divide the incoming data according to a certain data flow division algorithm. The packet is forwarded, and the high-speed network data flow is divided into multiple low-speed data flows, which are handed over to the back-end detectors for processing, and the collaborative relationship between the detectors is minimized. At the same time, the back-end detectors feed back their load status to the forwarder, and the forwarder dynamically adjusts the traffic division according to the feedback obtained, so as to ensure that the load of each detector is as balanced as possible.

[0014] In the whole process shown in Figure 1, step 1 is the initial action. Step 2: The data flow division method of the network processor is to divi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The relative giga-level NIDS paralleled process method based on NP and BS comprises: receiving all data package from target network by a translator; dividing high-speed network data flow into multiple low-speed data flow, and determining target detector; changing target MAC of data package into detector MAC, and sending to the detector by a exchange board; with two complementary threads, acquiring data, analyzing protocol, and matching feature; and forming a detection result on console. This invention improves process capacity of whole system, and reduces package-missing rate.

Description

technical field [0001] What the present invention relates to is a kind of method based on NP (network processor) and BS (blade server) gigabit NIDS parallel processing, promptly is a kind of method based on network processor and blade server, is used for solving the bottleneck of speed detection of high-speed backbone network A method for parallel processing of packets. The invention belongs to the technical field of detection in network security products. Background technique [0002] An Intrusion Detection System (IDS) is a software or hardware system that automatically monitors events occurring on a computer or network and analyzes them for signs of a security compromise. According to the source of the analysis data, IDS can be divided into network-based intrusion detection system (NIDS) and host-based intrusion detection system (HIDS). Among them, NIDS has received a lot of applications because it is easy to deploy and does not occupy host resources. NIDS takes all the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/56H04L12/26H04L12/803H04L12/861
Inventor 黄皓赖海光黄松华
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap