A Survey of parallel intrusion detection on graphical processors

Vokorokos, Liberios; Ennert, Michal; Čajkovský, Marek; Radusovsky, J.

doi:10.2478/s13537-014-0213-6

Cited by 21 publications

(7 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A typical example of an important, and also ubiquitous, security‐related function is DPI, whereby packet payloads are matched against a set of predefined patterns. DPI imposes a significant performance overhead because of the pattern matching mechanisms that are at the core of its operation, and thus largely unavoidable (motivating a wealth of research efforts focusing on improving their performance()). Nevertheless, DPI, in one form or another, is part of many network (hardware or software) appliances and middleboxes; some examples can be seen in the work of Bremler‐Barr et al As Bremler‐Barr et al has demonstrated, extracting the DPI functionality and providing it as a common service function to various applications (combining and matching DPI patterns from different sources) can result in significant performance gains; their benchmarks, involving a single Snort‐based IDS service function, run in Mininet over OpenFlow to emulate an SDN deployment, compared with 2 separate traditional instances of Snort, showed that the former (ie, the single DPI service function) performed 67%‐86% faster than the latter.…”

Section: Service Function Chainingmentioning

confidence: 99%

Reactive security for SDN/NFV‐enabled industrial networks leveraging service function chaining

Petroulakis

Fysarakis

Askoxylakis

et al. 2017

Trans Emerging Tel Tech

View full text Add to dashboard Cite

The innovative application of fifth‐generation core technologies, ie, software‐defined networking (SDN) and network function virtualization, can help reduce capital and operational expenditures in industrial networks. Nevertheless, SDN expands the attack surface of the communication infrastructure, thus necessitating the introduction of additional security mechanisms. These major changes could not leave the industrial environment unaffected, with smart industrial deployments gradually becoming a reality, a trend that is often referred to as the Fourth Industrial Revolution or Industry 4.0. A wind park is a good example of an industrial application relying on a network with strict performance, security, and reliability requirements and was chosen as a representative example of industrial systems. This work highlights the benefit of leveraging the flexibility of SDN/network function virtualization–enabled networks to deploy enhanced reactive security mechanisms for the protection of the industrial network via the use of service function chaining. Moreover, the implementation of a proof‐of‐concept reactive security framework for an industrial‐grade wind park network is presented, along with a performance evaluation of the proposed approach. The framework is equipped with SDN and supervisory control and data acquisition honeypots, modeled on and deployable to the wind park, allowing continuous monitoring of the industrial network and detailed analysis of potential attacks, thus isolating attackers and enabling the assessment of their level of sophistication. Moreover, the applicability of the proposed solutions is assessed in the context of the specific industrial application based on the analysis of the network characteristics and requirements of an actual operating wind park.

show abstract

Section: Service Function Chainingmentioning

confidence: 99%

Reactive security for SDN/NFV‐enabled industrial networks leveraging service function chaining

Petroulakis

Fysarakis

Askoxylakis

et al. 2017

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…This saturation causes blockage of the connection to the server [7] which could block some valuable portals such as e-learning platforms [8,9]. Some of the methods for detecting DDoS attacks use general-purpose computing on graphics processing units [10], whereas others recommend protecting networks with a firewall [11,12]. Intrusion prevention systems and intrusion detection systems use huge databases that consist of data collected during simple attacks from one place on the network [11].…”

Section: Ddos Attack Description and Recognitionmentioning

confidence: 99%

Fuzzy Observation of DDoS Attack

Apiecionek

2017

Theory and Applications of Ordered Fuzzy Numbers

View full text Add to dashboard Cite

DDoS attacks are able to block Web servers. Such attacks could be started from anywhere in the network. This chapter presents the possibility of using Ordered Fuzzy Numbers (OFNs) for observation of a DDoS attack. The proposed algorithm could be implemented on routers and predict the moment of the attack. Such prediction gives a possibility for the network administrators to protect server resources. In the chapter the author presents the real test results made on a prepared IP network. The presented results prove that OFNs have a huge potential for usage in observation of DDoS attacks.

show abstract

“…It is much likely that this option will be extended to the entire operating system. MPTCP is able to increase the security level of the transmitted data by using many different links to reach the destination, in contrast to the present methodology, which is based only on network protection [17][18][19] and securing of possibility of connection into this network [20,21]. The transmitted data are treated as raw binary data, which can be divided into blocks and passed to the transmission layer.…”

Section: Multipath Tcpmentioning

confidence: 99%

Limiting Energy Consumption by Decreasing Packets Retransmissions in 5G Network

Apiecionek

2017

Mobile Information Systems

View full text Add to dashboard Cite

This article presents the potential of using Multipath Transmission Control Protocol for limiting the energy consumption in 5G network. The number of errors occurring during packet transmissions and in effect the number of retransmissions affect the consumption of energy by the devices in the network. The paper analyzes the potential energy savings from implementing an algorithm for detecting problems and predicting the future retransmissions. Although this is the main object of the paper, it must be emphasized that the proposed method also allows increasing the speed of transmission and improving the security of the data and it is easy to implement in 5G networks.

show abstract

A Survey of parallel intrusion detection on graphical processors

Cited by 21 publications

References 10 publications

Reactive security for SDN/NFV‐enabled industrial networks leveraging service function chaining

Reactive security for SDN/NFV‐enabled industrial networks leveraging service function chaining

Fuzzy Observation of DDoS Attack

Limiting Energy Consumption by Decreasing Packets Retransmissions in 5G Network

Contact Info

Product

Resources

About