상세정보
학술대회
Design of SPI Module in Large-Scale Network
Cited 0 time in 
Download 0 time
Share 
Download 0 time
Share
- 발행일
- 200602
- 출처
- International Conference on Advanced Communication Technology (ICACT) 2006, pp.1706-1711
- 협약과제
- 06MK1100, 고성능 네트워크 정보보호 시스템 개발, 손승원
- 초록
- One of the major problems and limiting factor with network-based IDS(NIDS) is the high false positive alert rate. In order to reduce these false positive alerts, a lot of methods and techniques are proposed. Stateful Packet Inspection(SPI) is one of these solutions. Stateless IDSs generate tremendous false positive alerts while stick or snot attempts to attack. Most existing NIDS have SPI module which is supported statefulness but they don't satisfy high-performance in gigabit internet environment. To solve this problem, we propose hardware based SPI module that supported up to 1 million connections with 2-Step state management scheme in this Paper.
- KSP 제안 키워드
- False positive, High performance, Large-scale network, Limiting factors, Methods and techniques, Packet inspection, State management, hardware based, management scheme, network-based IDS