PERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU

PERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU

Nowadays, most of the important transaction done via internet. Information security assurance become so important to ensure confidentiality and prevent misusage. Intrusion detection and prevention system have been developed for long time. However, analysis speed of intrusion detection still not able...

Full description

Saved in:
Bibliographic Details
Main Author: FIKRI - NIM : 13513004 , AFRIZAL
Format: Final Project
Language:Indonesia
Online Access:https://digilib.itb.ac.id/gdl/view/25089
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Institut Teknologi Bandung
Language: Indonesia
Description
Summary:Nowadays, most of the important transaction done via internet. Information security assurance become so important to ensure confidentiality and prevent misusage. Intrusion detection and prevention system have been developed for long time. However, analysis speed of intrusion detection still not able to catch the network speed growth. <br /> <br /> <br /> <br /> <br /> One of the solution provided is extend analysis using multithread in order to perform parallel matching. This solution have been developed for CPU. Although, CPU core is very limited. The other approach is to utilize GPU. GPU can spawn a lot of thread at once. Thus, GPU is suitable to perform simple operation in large batches. <br /> <br /> <br /> <br /> <br /> String matching is among the most important parts of intrusion detection system. Often, the process of this part become bottleneck during packet analysis. This final year project will experiment about string matching implementation in Snort intrusion detection system using GPU. <br /> <br /> <br /> <br /> <br /> Implementing existing solution with GPU is not enough. GPU operation often bounded by I/O and memory. Few adjustments need to be done, such different thread allocation, different memory transfer scheme between host and device, packet buffering, and state machine structure. Speedup achieved by this evaluation is about 3 times higher than CPU with multithread solution.

Similar Items