Skip to main content
SpringerLink
Log in

Network Traffic Sensor for Multiprocessor Architectures: Design Improvement Proposals

  • Conference paper
Book cover Service Assurance with Partial and Intermittent Resources (SAPIR 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3126))

Abstract

This document describes several design proposals to enhance net-work sensor performance on multiprocessor architectures. Our main contributions are related to the design of an autonomous sensor and to the idea of per-forming some parallelization of the analysis. These proposals can be implemented in network sensors such as intrusion detection systems, network antivirus appliances, QoS monitors and any other device based on network traffic analysing. Taking a certain model of traffic analysis as our starting point, we look deeply into some design proposals to address the difficulties involved in the parallelization. In this work, we propose a series of resources that can help us to solve these difficulties. Later, we study the prototypes developed in order to test different design alternatives and, finally, present selected case studies. We finish by quantitatively analysing the results to validate our design proposals.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Internet Security Systems: The Evolution of Intrusion Detection Technology. ISS Technical White Paper (August 29, 2001)

    Google Scholar 

  2. Snort Home Page: Lightweight Intrusion Detection System, http://www.snort.org

  3. Prelude Home Page, http://www.prelude-ids.org/

  4. Argus Home Page, http://www.qosient.com/argus/

  5. Laing, B., Alderson, J., Rezabek, J., Bond, N.: How To Guide-Implementing a Network Based Intrusion Detection System. Internet Security Systems (2000)

    Google Scholar 

  6. Roesch, M.: Snort Users Manual. Snort Release: 1.8.3. Technical documentation (December 2001)

    Google Scholar 

  7. Internet Security Systems and Top Layer Networks: Gigabit Ethernet Intrusion Detection Solutions. Performance Test Results and Configuration Notes (July 2000)

    Google Scholar 

  8. Mell, P., Grance, T.: Guidelines to Federal Organizations on Use of the CVE Vulnerability Naming Scheme Within its Acquired Products and Information Technology Security Procedures. Recommendations of the National Institute of Standards and Technology (NIST) (January 2002)

    Google Scholar 

  9. Messmer, E.: Intrusion alert: Gigabit-speed intrusion-detection systems miss attacks on faster nets. Network World Fusion News (March 12, 2001)

    Google Scholar 

  10. Messmer, E.: More intrusion-detection options emerge. Network World Fusion News (November 11, 2001)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Departamento de Electrónica y Telecomunicaciones – Área de Ingeniería Telemática, Escuela Superior de Ingeniería de Bilbao, Universidad del País Vasco / Euskal Herriko Unibertsitatea, Alameda de Urquijo s/n, 48013, Bilbao, Spain

    Armando Ferro, Fidel Liberal, Alejandro Muñoz & Cristina Perfecto

Authors
  1. Armando Ferro
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fidel Liberal
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Alejandro Muñoz
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Cristina Perfecto
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Cisco Systems, Inc., 10 West Tasman Drive, Bldg O/2, CA 95134, San Jose, USA

    Petre Dini

  2. IUT, University of Haute Alsace, 34, rue du Grillenbreit, 68008, Colmar, France

    Pascal Lorenz

  3. Departamento de Computacao, Universidade Federal do Ceará - UFC, Campus do Pici, Bloco 910, 60455-760, Fortaleza, Ceará, Brazil

    José Neuman de Souza

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ferro, A., Liberal, F., Muñoz, A., Perfecto, C. (2004). Network Traffic Sensor for Multiprocessor Architectures: Design Improvement Proposals. In: Dini, P., Lorenz, P., de Souza, J.N. (eds) Service Assurance with Partial and Intermittent Resources. SAPIR 2004. Lecture Notes in Computer Science, vol 3126. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-27767-5_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-27767-5_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22567-6

  • Online ISBN: 978-3-540-27767-5

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation