ATPS – Adaptive Threat Prevention System for High-Performance Intrusion Detection and Response

  • Conference paper
Managing Next Generation Networks and Services (APNOMS 2007)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 4773)

Abstract

The rapid expansion of inexpensive computer networks has worsened the problem of unauthorized access to and tampering with data. Many NIDSs have been developed to respond to these network attacks. As network technology advances, Gigabit Ethernet has become the de facto standard for large network installations, and software solutions for building high-speed NIDSs are therefore increasingly impractical. It thus appears well motivated to investigate hardware-based solutions. Although several solutions have been proposed recently, finding an efficient one is considered a difficult problem because of resource limitations such as small memory size, as well as growing link speeds. In this paper, we propose an FPGA-based intrusion detection technique to detect and respond to variant attacks on high-speed links. This is made possible by a novel pattern matching mechanism and a heuristic analysis mechanism, both processed on FPGA-based reconfigurable hardware. Above all, it was designed to fully exploit hardware parallelism to achieve real-time packet inspection and to require only a small memory for storing signatures. The technique is part of our recently developed system, called ATPS (Adaptive Threat Prevention System). That is, the proposed system has a hardware architecture capable of providing a high-performance detection mechanism.

Editor information

Shingo Ata, Choong Seon Hong

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, B., Yoon, S., Oh, J. (2007). ATPS – Adaptive Threat Prevention System for High-Performance Intrusion Detection and Response. In: Ata, S., Hong, C.S. (eds) Managing Next Generation Networks and Services. APNOMS 2007. Lecture Notes in Computer Science, vol 4773. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75476-3_35

  • DOI: https://doi.org/10.1007/978-3-540-75476-3_35

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-75475-6

  • Online ISBN: 978-3-540-75476-3

  • eBook Packages: Computer Science, Computer Science (R0)
