CloudNet Anti-malware Engine: GPU-Accelerated Network Monitoring for Cloud Services

  • Conference paper
Information and Operational Technology Security Systems (IOSec 2018)

Abstract

In modern applications for the Internet of Things (IoT) and Cyber-Physical Systems (CPSs), heterogeneous embedded devices exchange high volumes of data, and interconnection with cloud services is becoming popular. Enhanced security is therefore imperative, but network monitoring is computationally intensive. Parallel programming on Graphics Processing Units (GPUs) is a well-tried practice for drastically reducing computation time in computation-intensive domains. This paper presents CloudNet, a lightweight and efficient GPU-accelerated anti-malware engine utilizing CUDA General-Purpose GPU (GPGPU) computing. The core of the system computes the digests of files using a CUDA-optimized SHA-3 hashing mechanism. Malware digests are stored in a data structure so that detection checks take place as network traffic is processed. The work includes a comparative analysis of three types of data structure (hash table, tree, and array) to identify the most appropriate one for this specific field. We develop several versions of two basic application variants and compare the performance of the GPU-accelerated implementation with the reference and optimized CPU implementations. CloudNet is developed to protect CPSs that communicate information to the industrial cloud. A traffic trace from an industrial wind park is used to evaluate CloudNet, which achieves network monitoring two times faster than typical CPU solutions.
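The digest-matching step described in the abstract, as an added CPU-only example that is not the paper's code: it hashes payloads with SHA-3 and checks them against the three kinds of digest store the abstract names. The SHA3-256 variant, the class and function names, and the sample data are assumptions made for illustration.

```python
import bisect
import hashlib

def sha3_digest(data: bytes) -> bytes:
    # SHA3-256 is an assumption; the abstract only says "SHA-3".
    return hashlib.sha3_256(data).digest()

class HashTableStore:
    def __init__(self, digests):
        self._set = set(digests)
    def contains(self, d):
        return d in self._set                  # O(1) expected per lookup

class SortedArrayStore:
    def __init__(self, digests):
        self._arr = sorted(set(digests))
    def contains(self, d):
        i = bisect.bisect_left(self._arr, d)   # O(log n) binary search
        return i < len(self._arr) and self._arr[i] == d

class TrieStore:
    _END = object()                            # marks a complete digest
    def __init__(self, digests):
        self._root = {}
        for d in digests:
            node = self._root
            for byte in d:
                node = node.setdefault(byte, {})
            node[self._END] = True
    def contains(self, d):
        node = self._root
        for byte in d:                         # cost depends on digest length, not n
            node = node.get(byte)
            if node is None:
                return False
        return self._END in node               # a bare prefix is not a match

def scan(store, files):
    # Names of payloads whose SHA-3 digest is present in the malware store.
    return [name for name, data in files if store.contains(sha3_digest(data))]

# Constructed sample data: stand-ins for known-bad files and extracted payloads.
KNOWN_BAD = [sha3_digest(b"constructed-malware-sample-%d" % i) for i in range(1000)]
FILES = [("a.bin", b"constructed-malware-sample-7"), ("b.bin", b"benign wind-park telemetry"),
         ("c.bin", b"constructed-malware-sample-999")]
STORES = [HashTableStore(KNOWN_BAD), SortedArrayStore(KNOWN_BAD), TrieStore(KNOWN_BAD)]

if __name__ == "__main__":
    for s in STORES:
        print(type(s).__name__, scan(s, FILES))
```

All three stores return the same verdicts; they differ in lookup cost and memory footprint, which is the trade-off the paper's comparison is about.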

Acknowledgment

This work has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No. 780315 (SEMIoTICS). The authors would also like to thank the network engineers maintaining the subject wind park in Brande, Denmark, for their valuable input in interpreting the network traces.

Author information

Corresponding author

Correspondence to George Hatzivasilis.

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Hatzivasilis, G., Fysarakis, K., Askoxylakis, I., Bilanakos, A. (2019). CloudNet Anti-malware Engine: GPU-Accelerated Network Monitoring for Cloud Services. In: Fournaris, A., Lampropoulos, K., Marín Tordera, E. (eds) Information and Operational Technology Security Systems. IOSec 2018. Lecture Notes in Computer Science, vol 11398. Springer, Cham. https://doi.org/10.1007/978-3-030-12085-6_11

  • DOI: https://doi.org/10.1007/978-3-030-12085-6_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-12084-9

  • Online ISBN: 978-3-030-12085-6

  • eBook Packages: Computer Science (R0)
