1 |
R. Bace and P. Mell, "Intrusion Detection Systems," National Institute of Standards and Technology (NIST), Special Publication, 800-31, 2001.
|
2 |
The snort project, "Snort users manual 2.9.7.3", August 2015.
|
3 |
Open information security foundation, "Suricata, open source IDSIPSNSM engine",
|
4 |
The bro project, "The Bro Network Security Monitor"
|
5 |
N. Hua, H. Song and T.V. Lakshman, "VariableStride Multi-Pattern Matching For Scalable Deep Packet Inspection," The 28th Conference on Computer Communications(INFOCOM 2009), Apr. 2009.
|
6 |
Y.-H. Choi and S.-W. Seo, "BLAST: Using BLAyered Bad-Character SHIFT Tables for HighSpeed Packet Filtering," IET Information Security, vol. 7, no. 3, pp. 195-202, Sep. 2013.
DOI
|
7 |
C. Kruegel, F. Valeur, G. Vigna, and R. Kemmerer, "Stateful Intrusion Detection for High-Speed Networks," In Proceedings of the IEEE Symposium on Security and Privacy (Oakland), 2002.
|
8 |
M. Colajanni and M. Marchetti, "A parallel architecture for stateful intrusion detection in high traffic networks", IEEE IST Workshop on Monitoring, Attack Detection and Mitigation, Sep. 2006.
|
9 |
K. Xinidis, I. Charitakis, S. Antonatos, K.-G. Anagnostakis and E.-P. Markatos, "An Active Splitter Architecture for Intrusion Detection and Prevention," IEEE Transactions on Dependable and Secure Computing, vol. 3, no. 1, pp. 31-44, 2006.
DOI
|
10 |
Intel Corporation, "Supra-linear packet processing performance with intel multi-core processors," white paper, Intel Corporation, 2006.
|
11 |
Intel Corporation, "Removing System Bottlenecks in Multi-threaded Applications," white paper, Intel Corporation, 2008.
|
12 |
D.-L. Schuff, Y.-R. Choe, and V.-S. Pai, "Conservative vs. optimistic parallelization of stateful network intrusion detection," IEEE International Symposium on Performance Analysis of Systems and Software, 2008.
|
13 |
X. Chen, Y. Wu, .L. Xu, Y. Xue and J. Li, "Para-snort: A multi- thread snort on multi-core ia platform," 2009 Proceedings of Parallel and Distributed Computing and Systems (PDCS), 2009.
|
14 |
G. Vasiliadis, M. Polychronakis and S. Ioannidis, "MIDeA: A Multi-Parallel Intrusion Detection Architecture," In proceedings of the ACM conference on computer and communications security (CCS), 2011.
|
15 |
T. Limmer and F. Dressler, "Adaptive Load Balancing for Parallel IDS on Multi-Core Systems Using Prioritized Flows," 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN), pp. 1-8, 2011.
|
16 |
W. Wu and P. DeMar, "WireCAP: a novel packet capture engine for commodity NICs in high-speed networks," Proceedings of the 2014 conference on internet measurement conference, Nov. 2014.
|
17 |
M.A. Jamshed, J.-H. Lee , S.-W. Moon, I.-S. Yun, D.-J. Kim, S.-R Lee, Y Yi, K.-S Park, "Kargus: a highly-scalable software-based intrusion detection system," Proceedings of the 2012 ACM conference on computer and communications security (CCS'12), Oct. 2012.
|
18 |
J. Haiyang, Z. Guangxing, X. Gaogang, S. Kave and M. Laurent, " Scalable high-performance parallel design for Network Intrusion Detection Systems on many-core processors," 2013 ACM/IEEE symposium on architectures for networking and communications systems (ANCS), pp. 137-146, Oct. 2013.
|
19 |
H. Jiang, G. Xie and K. Salamatian, "Load Balancing by Ruleset Partition for Parallel IDS on Multi-Core Processors," 2013 International Conference on Computer Communications and Networks (ICCCN), 2013.
|
20 |
ntop, "PF RING: High-speed packet capture, filtering and analysis,"
|
21 |
The MAWI Working Group, "201212021400.dump.gz,"
|
22 |
The MAWI Working Group, "201212011400.dump.gz,"
|
23 |
snaketrap, "hbot trace: hbot.pcap",
|
24 |
moyix, "Regin malware PCAP files: 0cc299c0-632a-4cdd-a471- 623a10f46575.pcap"
|
25 |
Aaron Turner, "tcpreplay: pcap editing and reply tools for unix,"
|