PERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU
Nowadays, most of the important transaction done via internet. Information security assurance become so important to ensure confidentiality and prevent misusage. Intrusion detection and prevention system have been developed for long time. However, analysis speed of intrusion detection still not able...
Saved in:
| Main Author: | |
|---|---|
| Format: | Final Project |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/25089 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| id |
id-itb.:25089 |
|---|---|
| spelling |
id-itb.:250892018-10-01T09:00:32ZPERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU FIKRI - NIM : 13513004 , AFRIZAL Indonesia Final Project INSTITUT TEKNOLOGI BANDUNG https://digilib.itb.ac.id/gdl/view/25089 Nowadays, most of the important transaction done via internet. Information security assurance become so important to ensure confidentiality and prevent misusage. Intrusion detection and prevention system have been developed for long time. However, analysis speed of intrusion detection still not able to catch the network speed growth. <br /> <br /> <br /> <br /> <br /> One of the solution provided is extend analysis using multithread in order to perform parallel matching. This solution have been developed for CPU. Although, CPU core is very limited. The other approach is to utilize GPU. GPU can spawn a lot of thread at once. Thus, GPU is suitable to perform simple operation in large batches. <br /> <br /> <br /> <br /> <br /> String matching is among the most important parts of intrusion detection system. Often, the process of this part become bottleneck during packet analysis. This final year project will experiment about string matching implementation in Snort intrusion detection system using GPU. <br /> <br /> <br /> <br /> <br /> Implementing existing solution with GPU is not enough. GPU operation often bounded by I/O and memory. Few adjustments need to be done, such different thread allocation, different memory transfer scheme between host and device, packet buffering, and state machine structure. Speedup achieved by this evaluation is about 3 times higher than CPU with multithread solution. text |
| institution |
Institut Teknologi Bandung |
| building |
Institut Teknologi Bandung Library |
| continent |
Asia |
| country |
Indonesia Indonesia |
| content_provider |
Institut Teknologi Bandung |
| collection |
Digital ITB |
| language |
Indonesia |
| description |
Nowadays, most of the important transaction done via internet. Information security assurance become so important to ensure confidentiality and prevent misusage. Intrusion detection and prevention system have been developed for long time. However, analysis speed of intrusion detection still not able to catch the network speed growth. <br />
<br />
<br />
<br />
<br />
One of the solution provided is extend analysis using multithread in order to perform parallel matching. This solution have been developed for CPU. Although, CPU core is very limited. The other approach is to utilize GPU. GPU can spawn a lot of thread at once. Thus, GPU is suitable to perform simple operation in large batches. <br />
<br />
<br />
<br />
<br />
String matching is among the most important parts of intrusion detection system. Often, the process of this part become bottleneck during packet analysis. This final year project will experiment about string matching implementation in Snort intrusion detection system using GPU. <br />
<br />
<br />
<br />
<br />
Implementing existing solution with GPU is not enough. GPU operation often bounded by I/O and memory. Few adjustments need to be done, such different thread allocation, different memory transfer scheme between host and device, packet buffering, and state machine structure. Speedup achieved by this evaluation is about 3 times higher than CPU with multithread solution. |
| format |
Final Project |
| author |
FIKRI - NIM : 13513004 , AFRIZAL |
| spellingShingle |
FIKRI - NIM : 13513004 , AFRIZAL PERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU |
| author_facet |
FIKRI - NIM : 13513004 , AFRIZAL |
| author_sort |
FIKRI - NIM : 13513004 , AFRIZAL |
| title |
PERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU |
| title_short |
PERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU |
| title_full |
PERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU |
| title_fullStr |
PERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU |
| title_full_unstemmed |
PERFORMANCE IMPROVEMENT OF PATTERN MATCHING MODULE IN SNORT NETWORK INTRUSION DETECTION SYSTEM USING GPU |
| title_sort |
performance improvement of pattern matching module in snort network intrusion detection system using gpu |
| url |
https://digilib.itb.ac.id/gdl/view/25089 |
| _version_ |
1822020587164270592 |