摘要
随着网络带宽的不断增加,以及处理能力的限制,传统的网络入侵检测系统(Network Intrusion Detecting System,NIDS)面临挑战,如何提高NIDS的处理能力备受关注。通过专用设备提高检测速度,不但价格昂贵且无法大规模普及。通过对Linux网络协议栈的优化,以及常用入侵检测系统Snort的多线程化,结合了图形处理器(Graphic Processing Unit,GPU)的高性能并行计算能力,设计了一种高性能的软件入侵检测架构,突破现有NIDS使用普通CPU的计算瓶颈,以应对高速链路对入侵检测性能的要求。实验结果表明,高速网络中的数据包可以采用GPU来处理。
With the continuous increase in network bandwidth and the capacity constraints,the traditional Network Intrusion Detection Systems(NIDS) is facing challenges.How to improve the efficiency of NIDS in high-speed network environment is facing challenges.Specially designed acceleration hardware is used to improve the detection rate,which is not only of high costs and inflexibility,but also only applicable to special institutions and not suitable to a large-scale popularization and promo-tion.An NIDS is presented based on the Snort opensource that exploits the powerful high-performance of GPU parallel processing capability,combining with the optimized Linux networking stack and multiple threads of Snort,and a high-performance soft-ware intrusion detection structure is designed.The experimental results show that GPU is very suitable for high speed network.
出处
《计算机工程与应用》
CSCD
北大核心
2011年第33期78-81,共4页
Computer Engineering and Applications
