پديد آورنده :
مهدي نياالوار، پيام
عنوان :
كاربردپذيري كارت هاي گرافيكي در سيستم هاي تشخيص نفوذ پرسرعت
مقطع تحصيلي :
كارشناسي ارشد
گرايش تحصيلي :
معماري كامپيوتر
محل تحصيل :
اصفهان: دانشگاه صنعتي اصفهان، دانشكده برق و كامپيوتر
صفحه شمار :
يازده،89ص.: مصور،جدول،نمودار
يادداشت :
ص.ع.به فارسي و انگليسي
استاد راهنما :
مهدي برنجكوب
توصيفگر ها :
GPU , NIDS , SIMD , خط لوله , چند نخي
تاريخ نمايه سازي :
30/7/92
استاد داور :
هاشمي، فانيان
دانشكده :
مهندسي برق و كامپيوتر
چكيده فارسي :
به فارسي و انگليسي: قابل رويت در نسخه ديجيتالي
چكيده انگليسي :
Abstract A Network Intrusion Detection System NIDS is an important topic of the computer and information security feild Its main goal is to probe network activities and differentiate between normal activities of the network and behaviors that can be classified as intrusion Intrusion detection methods are divided to two categories signature based detection and anomaly detection Anomaly based detection systems are used to detect unknown attacks but they usually result in lots of false positive alerts On the other hand signature based systems are unable to detect attacks for which they don t have any matching signature but they are typically more accurate so signature based detection is being considered in most commercial intrusion detection systems Network intrusion detection systems which should perform time consuming evaluation of every packet received from network have faced throughput challenge as a result of the increase in the speed of network communications and the high volume of Internet threats In an NIDS the most important and time consuming processes are pattern matching and deep inspection of the header and the payload of packets Several analyses show that this process can take up to 75 of the time of processing packets In this research relying on the processing power of general purpose graphics cards which seem to be a better option compared to other hardware technologies like FPGAs with regard to speed scalability flexibility ease of programming and price and with the idea of having the signature based detection engine of NIDS systems run on GPU rather than CPU it is tried to present an efficient method to increase the speed of intrusion detection systems such as Snort The proposed method provides a means to perform payload matching and non payload matching of packets in a parallel platform on GPU This design processes input packets by combination of differnet paralleling methods such as pipelining technique using SIMD architecture of GPU and OpenMP library By the proposed method existence of signature based detection engine which is the most time consuming part of an NIDS has little effect on the increase of overall time which results in speed up Snort 4 3 to 10 8 depending on input traffic PDF created with pdfFactory trial version www pdffactory com
استاد راهنما :
مهدي برنجكوب
استاد داور :
هاشمي، فانيان
