Abstract
Network security has been a serious problem in the Internet. To face this issue, network intrusion detection tools have become indispensable for computer systems and network gateways. In this paper we propose an embedded, multi-core aware network intrusion detection system (NIDS), which has the following features: 1) It integrates a novel multi-core aware packet capture module, called the MCA ring, and an NIDS. 2) It exploits a zero-copy mechanism to remove the overheads of packet copy processing from the network interface driver to the NIDS application. 3) It uses the concept of process and IRQ affinity to enhance the processing speed. The performance of NIDS under different packet capture modules in multi-gigabits networks has also been analyzed and presented in this paper. The results show that our integrated multi-core aware MCA ring and NIDS is effective for detecting network intrusion attacks in multi-gigabits networks.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
