Abstract
With the ever-increasing deployment and usage of gigabit networks, traditional networks’ intrusion detection/prevention systems (IDSs/IPSs) have not scaled accordingly. More recently, researchers have been looking at hardware-based solutions that use field programmable gate arrays (FPGAs) to assist network IDSs/IPSs, and some proposed systems have been developed that can be scaled to achieve a high speed over 10 Gbps. However, these solutions have certain drawbacks. In this paper, we present a uniform high-speed traffic collection platform for intrusion detection/prevention based on sampling on FPGAs, called HSTCP. The methodology is when the proposed platform is unable to capture the whole network traffic, it will initiate elephant flow sampling rather than simple packets’ drop. Meanwhile, the sampling rate is adaptive to the traffic load changes in the elephant flow. The noteworthy features of HSTCP include the following: (a) it takes the self-similarity of network traffic into account with complete mice flows’ capture and elephant flow sampling; (b) it employs adaptive elephant flow sampling to retain inherent characteristics of network traffic; and (c) it provides a flexible and scalable platform for network IDSs/IPSs faced to the challenge of the future high-speed network.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
