Computer Engineering and Applications ›› 2011, Vol. 47 ›› Issue (33): 78-81.

• Network, Communication and Security •

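Design of a GPU-based high-speed network intrusion detection system

LU Yongjing, WANG Dong

  1. College of Information Science and Engineering, Hunan University, Changsha 410082
  • Received: 1900-01-01 Revised: 1900-01-01 Publication date: 2011-11-21 Release date: 2011-11-21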

High speed NIDS design based on GPU

LU Yongjing, WANG Dong

  1. College of Information Science and Engineering, Hunan University, Changsha 410082, China
  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2011-11-21 Published: 2011-11-21

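Abstract: With the continuous growth of network bandwidth and the limits on processing capacity, traditional Network Intrusion Detection Systems (NIDS) face challenges, and how to raise the processing capacity of NIDS has attracted much attention. Raising detection speed with dedicated equipment is expensive and cannot be deployed at large scale. By optimizing the Linux network protocol stack and multithreading the widely used intrusion detection system Snort, and by drawing on the high-performance parallel computing capability of the Graphics Processing Unit (GPU), a high-performance software intrusion detection architecture is designed that breaks through the computational bottleneck of existing NIDS running on ordinary CPUs, in order to meet the intrusion detection performance requirements of high-speed links. Experimental results show that packets in high-speed networks can be processed by the GPU.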

Keywords: Network Intrusion Detection System (NIDS), Graphics Processing Unit (GPU), Snort, parallel computing

Abstract: With the continuous increase in network bandwidth and the constraints on processing capacity, traditional Network Intrusion Detection Systems (NIDS) are facing challenges. Improving the efficiency of NIDS in high-speed network environments is itself a challenge. Specially designed acceleration hardware can be used to improve the detection rate, but it is costly and inflexible, is applicable only to special institutions, and is not suitable for large-scale deployment. An NIDS based on the open-source Snort is presented that exploits the high-performance parallel processing capability of the GPU, combined with an optimized Linux networking stack and a multithreaded Snort, to form a high-performance software intrusion detection architecture. The experimental results show that the GPU is very suitable for high-speed networks.

Key words: Network Intrusion Detection Systems (NIDS), Graphics Processing Unit (GPU), Snort, parallel computing