P4-ipsec: Site-to-site and host-to-site vpn with ipsec in p4-based sdn
In this work, we present P4-IPsec, a concept for IPsec in software-defined networks (SDN)
using P4 programmable data planes. The prototype implementation features ESP in tunnel …
using P4 programmable data planes. The prototype implementation features ESP in tunnel …
Enhancing Suricata intrusion detection system for cyber security in SCADA networks
K Wong, C Dillabaugh, N Seddigh… - 2017 IEEE 30th …, 2017 - ieeexplore.ieee.org
Industrial Control and SCADA (Supervisory Control and Data Acquisition) networks control
critical infrastructure such as power plants, nuclear facilities, and water supply systems …
critical infrastructure such as power plants, nuclear facilities, and water supply systems …
[HTML][HTML] A dynamic and scalable parallel Network Intrusion Detection System using intelligent rule ordering and Network Function Virtualization
Abstract A Network Intrusion Detection System (NIDS) is a fundamental security tool.
However, under heavy network traffic, a NIDS might become a bottleneck. In an overloaded …
However, under heavy network traffic, a NIDS might become a bottleneck. In an overloaded …
Scalable high-performance parallel design for network intrusion detection systems on many-core processors
Network Intrusion Detection Systems (NIDSes) face significant challenges coming from the
relentless network link speed growth and increasing complexity of threats. Both hardware …
relentless network link speed growth and increasing complexity of threats. Both hardware …
A Network Function Virtualization Architecture for Automatic and Efficient Detection and Mitigation against Web Application Malware
This paper proposes and implements a Network Function Virtualization (NFV) security
architecture to provide automatic and efficient detection and mitigation against Web …
architecture to provide automatic and efficient detection and mitigation against Web …
[PDF][PDF] Dpdkstat: 40gbps statistical traffic analysis with off-the-shelf hardware
In recent years, advances in both hardware and software offer to user-space applications O
(10Gbps) worth of traffic. Processing data at such line rate with software running on …
(10Gbps) worth of traffic. Processing data at such line rate with software running on …
Work Balancing vs. Load Balancing for Network IDS Parallelization
Signature-based Network Intrusion Detection Systems (NIDS) is state-of-the-art for precise
attack detection. Using multiple instances of NIDS in parallel is considered the most …
attack detection. Using multiple instances of NIDS in parallel is considered the most …
An efficient security system for mobile data monitoring
During the last decade, rapid development of mobile devices and applications has produced
a large number of mobile data which hide numerous cyber‐attacks. To monitor the mobile …
a large number of mobile data which hide numerous cyber‐attacks. To monitor the mobile …
STEAL: Service Time-Aware Load balancer on many-core processors for fast intrusion detection
To realize the high-speed intrusion detection by accommodating many regex-based
signatures and the growing network link capacities, we propose a Service TimE-Aware Load …
signatures and the growing network link capacities, we propose a Service TimE-Aware Load …
Adaptive load balancing on multi-core IPsec gateway
W Li, S Hu, G Sun, Y Li - … and Architectures for Parallel Processing: 18th …, 2018 - Springer
Cloud service providers usually offer IPsec VPN services to tenants by deploying the
software IPsec gateway on the virtual machine. However, the current software IPsec …
software IPsec gateway on the virtual machine. However, the current software IPsec …