Using Multi-core to Support Security-related Applications
|
|
- Charla Higgins
- 6 years ago
- Views:
Transcription
1 Using Multi-core to Support Security-related Applications Prof Wanlei Zhou Deakin University, Australia Dr Yang Xiang Central Queensland University, Australia Citation: Wanlei Zhou and Yang Xiang, "Using Multi-core to Support Securityrelated Applications", The 8th International Conference on Algorithms and Architectures for Parallel Processing (ICA3PP2008), Cyprus, 9-11 June, 2008
2 Outline Part 1: Introduction to Multi-core Part 2: Background of multiprocessing Part 3:Security-related applications Part 4: Using multi-core to support security-related applications
3 Part 4: Using multi-core to support security-related applications 10. Security challenges Isolated running environment Parallel intrusion detection and packet filtering Parallel visualization of network monitoring Parallel processing of critical flaws and exploits 11. The need for multi-core What does multi-core offer? The need for multi-core What are the difficulties multi-core brings to security-related applications? 12. The support from multi-core Recent development in this area Partitioning and distributing workload of security-related applications Fine-grained multi-threading Smartly using the memory system Communications between cores New software architecture based on multi-core Our current projects on multi-core 13. Conclusions Vision: system bodyguard Future research directions and conclusions
4 10. Security challenges Isolated running environment Parallel intrusion detection and packet filtering Parallel visualization of network monitoring Parallel processing of critical flaws and exploits
5 10.1. Isolated running environment Why do we need isolated running environment? Security-related applications should be run separately from other applications Limit system failure to minimum area Isolation is a good way to provide security What do we need to isolate Processor Cache Memory I/O Data Challenges Malicious software can access almost all the resources Isolation must have support from hardware
6 10.2. Parallel intrusion detection and packet filtering Why do we need parallel intrusion detection and packet filtering? Faster processing speed Higher detection and filtering rate More intelligent, adaptive mechanisms can be used The key function in intrusion detection and packet filtering: deep packet inspection examine both packet headers and payloads What can be parallelized Deep packet inspection process Network traffic data Challenges High network bandwidth (Gbps) but low processing speed (Mbps) Deep packet inspection in real-time High true positive rate, low false positive rate, low false negative rate Frequently changed rules
7 10.3. Parallel visualization of network monitoring Why do we need visualization of network monitoring? Quickly identify the attack Dynamic management of network resources What do we need to visualize? Nodes Links Traffic direction and speed Locations Network characteristics, such as IP addresses, port numbers Contents in network traffic Correlated or reconstructed information from network traffic
8 10.3. Parallel visualization of network monitoring (continued) Example 1: Core AS on current Internet * Internet Atlas Gallery, visited May 2008
9 10.3. Parallel visualization of network monitoring (continued) Example 2: CodeRed worm infection * CodeRed Worm Infections in /8 on July 19, 2001, visited May 2008
10 10.3. Parallel visualization of network monitoring (continued) Challenges High network bandwidth (Gbps) but very low processing speed it is almost impossible to display real-time network conditions Visualizing a large amount of data Visualizing high-dimension data
11 10.4. Parallel processing of critical flaws and exploits Why do we need parallel processing of critical flaws and exploits? These computing-intensive processes prohibit other applications from smoothly running Security requirements from operating systems and applications What critical flaws and exploits do we need to process? Input validation failures. From security perspective, it is very important that all input data are validated prior to application processing Output sanitation. Generated output should be verified for all known values to prevent possible insertion of malicious input by hackers. Any unknown values, comments and identifiers must be eliminated
12 10.4. Parallel processing of critical flaws and exploits (continued) What critical flaws and exploits do we need to process? (continued) Buffer overflow. When an application or process tries to store data in a data storage or memory buffer, buffer overflow check should be carried out Data injection flaw. To prevent intruders piggyback user data or inject malicious code together with user data, all user data such as query strings, form fields, cookies, client-side scripts must be validated for known and valid values only Broken access control. It is important to verify the applicationspecific access control lists for all known risks and to run penetration test to identify potential access control failures Audit, logging and tracing failures. Carry out processes for audit, logging and tracing of exceptions and bugs with high availability and efficiency for applications is vital
13 10.4. Parallel processing of critical flaws and exploits (continued) Challenges Validating input parameters (such as data type, format, length, range, null-value handling, verifying for character set, etc) are time-consuming Output sanitation has been ignored by many applications because of the cost Processing large data injection flaw is difficult Access control lists are too large Audit, logging and tracing failures requires high processing power and data storage
14 11. The need for multi-core What does multi-core offer? The need for multi-core What are the difficulties multi-core brings to security-related applications?
15 11.1. What does multi-core offer? Higher processing power Lower energy requirement Potential isolated environment
16 11.2. The need for multi-core From the server or router side (network device), if the network security software is not fast enough, it can be very difficult to process every incoming packet then it would slow down the traffic From the client side (end user s computing device), it can also be very difficult to run network security applications without any interruption to normal applications because those computing-intensive applications significantly slow down other simultaneously running applications
17 11.2. The need for multi-core (continued) Current security-related applications in network devices or end user s computing devices can not do both: Processing security checks in real-time Processing information with large number of states and semantic contexts More processing power is urgently needed: what multi-core can provide
18 11.3. What are the difficulties multi-core brings to security-related applications? Multi-core provides a network security application with more processing power from the hardware perspective, the difficulties mainly come from software perspective How can we actually use multi-core to continue running the network security applications while keeping the overall system performance? How can we efficiently partition and distribute the workload of network security applications between the different cores in the multi-core processor? How can we split network data and solve the data dependency problem? As multi-core uses shared off-chip memory, how can we smartly utilize the memory then it will bring less memory access latencies? How can we synchronize and coordinate different threads of the applications when it is parallelized on multi-core?
19 12. The support from multi-core Recent development in this area Partitioning and distributing workload of security-related applications Fine-grained multi-threading Smartly using the memory system Communications between cores New software architecture based on multicore Our current projects on multi-core
20 12.1. Recent development in this area Automatically mapping applications onto multi-core systems Turning serial applications into parallel applications without special security considerations Limitations: Coarse-grained parallelisms Security applications have own unique behavioral characteristics such as frequent memory or disk access, complex data structures, and high bandwidth and high speed requirements - automatically mapping can not solve the problem References G. S. Sohi, S. E. Breach and T. N. Vijaykumar, "Multiscalar Processors", Proceedings of 22nd Annual International Symposium on Computer Architecture, pp , M. B. Taylor, W. Lee, J. Miller, D. Wentzlaff, I. Bratt, B. Greenwald, H. Hoffmann, P. Johnson, J. Kim, J. Psota, A. Saraf, N. Shnidman, V. Strumpen, M. Frank, S. Amarasinghe and A. Agarwal, "Evaluation of the Raw Microprocessor: An Exposed-Wire-Delay Architecture for ILP and Streams", Proceedings of 31st Annual International Symposium on Computer Architecture, pp. 2-13, J. Yan and W. Zhang, "Hybrid Multi-Core Architecture for Boosting Single-Threaded Performance", ACM SIGARCH Computer Architecture News, vol. 35, no. 1, pp , H. Zhong, S. A. Lieberman and S. A. Mahlke, "Extending Multicore Architectures to Exploit Hybrid Parallelism in Single-thread Applications", Proceedings of IEEE 13th International Symposium on High Performance Computer Architecture, pp , H. Zhou, "Dual-Core Execution: Building a Highly Scalable Single-Thread Instruction Window", Proceedings of 14th International Conference on Parallel Architectures and Compilation Techniques, pp , 2005.
21 12.1. Recent development in this area (continued) Virtualization Using virtual machine to utilize unused processing power Handling unsafe code: directly execute code until not safe Limitations: isolation is a problem shared memory and shared I/O References Stephen Herrod, The Future of Virtualization Technology, Proceedings of the 33rd annual international symposium on Computer Architecture, keynote, pp. 352, 2006 Matthew Carpenter, Tom Liston, and Ed Skoudis, Hiding Virtualization from Attackers and Malware, IEEE Security and Privacy, pp , vol. 5, no. 3, 2007 Nidhi Aggarwal, Parthasarathy Ranganathan, Norman P. Jouppi, and James E. Smith, Isolation in Commodity Multicore Processors, IEEE Computer, pp , vol. 40, no. 6, 2007
22 12.1. Recent development in this area (continued) Hardware-based parallelisms Using ASICs or FPGAs to accelerate the speed of processing network packets Require highly deliberate and customized programming, which is directly at odds with the pressing need to perform diverse, increasingly sophisticated forms of analysis Limitations: not flexible, expensive, not support sophisticated processing References O. Villa, D. P. Scarpazza and F. Petrini, Accelerating Real-Time String Searching with Multicore Processors, IEEE Computer, vol. 41, no. 4, pp , 2008 S. Dharmapurikar, P. Krishnamurthy, T. S. Sproull, J. W. Lockwood, Deep Packet Inspection Using Parallel Bloom Filters, IEEE Micro, vol. 24, no. 1, pp , 2004 H. Liu, K. Zheng, B. Liu, X. Zhang and Y. Liu, A Memory-Efficient Parallel String Matching Architecture for High-Speed Intrusion Detection, IEEE Journal on Selected Areas in Communications, vol. 24, no. 10, pp , 2006 C. L. Hayes and Y. Luo, DPICO: A High Speed Deep Packet Inspection Engine Using Compact Finite Automata, Proceedings of ACM/IEEE ANCS 07, pp , 2007 P. Piyachon and Y. Luo, Efficient Memory Utilization on Network Processors for Deep Packet Inspection, Proceedings of ACM/IEEE ANCS 06, pp , 2006 V. Paxson, K. Asanovi, S. Dharmapurikar, J. Lockwood, R. Pang, R. Sommer and N. Weaver, Rethinking Hardware Support for Network Analysis and Intrusion Prevention, Proceedings of the 1st conference on USENIX Workshop on Hot Topics in Security, 2006
23 12.2. Partitioning and distributing workload of security-related applications Parallelization can be created by slicing program regions into multiple communicating sequential parts or threads Characteristics of security-related applications must be carefully examined The key step to efficiently make use of multicore is to parallelise applications at application level, which means to optimize the parallelization not by program compilers, but by fine-grained analysis of each application then decide the detailed parallelization
24 12.2. Partitioning and distributing workload of security-related applications (continued) Three key questions require further study How can we divide computing tasks into smaller parts? We must break the traditional security-related applications into different smaller tasks that can concurrently run on cores How can we find and remove the dependencies to maximise parallelization? In order to run the single threaded applications in parallel, we need to limit the dependencies including data dependencies, memory dependencies, and control dependencies, which severely restrict the degree of parallelization How can we partition the application work load, especially for graphicbased security-related applications such as network visualizer, to realize the goal of real-time processing? Network security devices must be able to process a large amount of network data. For example, 1 hour data from a 100Mbps network interface processed by the network visualiser could theoretically equals 11 GB. Therefore we need to carefully consider this tough requirement of real-time processing when parallelizing security-related applications
25 12.3. Fine-grained multi-threading From software perspective, 2 forms of fine-grained thread-level parallelization can be used: Decoupled software pipelining The execution of a single iteration of a loop is subdivided and spread across multiple cores. When the compiler can create subdivisions that form an acyclic dependence graph, each subpart can be independently executed forming a pipeline Strand decomposition Strand decomposition refers to slicing program regions into a set of communicating subgraphs. Strands must be carefully identified to allow overlap of memory instructions and any cache misses that result From security-related application perspective, 2 forms of finegrained thread-level parallelization can be used: Packet-level multi-threading allocating network packet data directly into different threads, which is only suitable for single packet inspection Flow-level multi-threading reconstructing network packet data into flows, then allocating them into different threads, which is suitable for sophisticated applications such as intrusion detection systems * H. Zhong, S. A. Lieberman and S. A. Mahlke, "Extending Multicore Architectures to Exploit Hybrid Parallelism in Single-thread Applications", Proceedings of IEEE 13th International Symposium on High Performance Computer Architecture, pp , 2007.
26 12.4. Smartly using the memory system The inherent design feature of multi-core is to fasten memory access through the cache and memory system but not through network communications, if compared with traditional multi-processor cluster systems Excessively accessing external off-chip memory will significantly slow down the overall performance The key questions on this issue are How to compress the data structure efficiently while still maintaining fast processing speed? How to allocate data onto the hierarchical memory system to reduce memory access latency while balancing memory access load? How to avoid the cache contention problem, where multiple cores compete for usage of the shared L2 cache?
27 12.5. Communications between cores The cores in multi-core systems communicate through memory if the data is stored outside the cache Synchronisation of the cores is also performed through memory, thereby causing a high overhead for synchronisation High communication latency between cores can easily outweigh the benefit of parallelization Communication middleware and applications should be written in a multi-core aware manner to alleviate this problem Data should be carefully examined and stored in order to avoid unnecessary communications
28 12.6. New software architecture based on multi-core System architecture of using multi-core processors in network security applications * Yang Xiang, Wanlei Zhou, Using Multi-core Processors to Support Network Security Applications, 12 th IEEE International Workshop on Future Trends of Distributed Computing Systems, submitted May 2008
29 12.6 New software architecture based on multi-core (continued) Benefits that this architecture brings High performance The workload of security-related applications can be distributed to different cores to achieve high performance, in terms of latency, throughput, and CPU utilization Comprehensive With the processing power, the system can integrate as many modules (such as intrusion detection module, anti-virus module, and anti-spam module) as necessary Intelligent Highly computing-intensive methods can be performed to inspect packet payloads and detect anomalies Scalable Protection can be done by the cooperation between the end host level and the infrastructure level
30 12.7. Our current projects on Deakin University multi-core Defend against DDoS attacks by using multicore Multi-classifier classification of spam on a ubiquitous multi-core architecture Central Queensland University Personal computer bodyguard: using multicore to support security-related applications
31 12.7. Our current projects on multi-core (continued) Defend against DDoS attacks by using multicore Bodyguard architecture = front bodyguard + side bodyguard * Ashley Chonka, Wanlei Zhou, Keith Knapp, and Yang Xiang, "Protecting Information Systems from DDoS Attack Using Multicore Methodology", IEEE 8th International Conference on Computer and Information Technology, IEEE, 2008
32 12.7. Our current projects on multi-core (continued) Performance in DDoS defense * Ashley Chonka, Wanlei Zhou, Keith Knapp, and Yang Xiang, "Protecting Information Systems from DDoS Attack Using Multicore Methodology", IEEE 8th International Conference on Computer and Information Technology, IEEE, 2008
33 12.7. Our current projects on multi-core (continued) Spam classification by using multi-core Multi-classifier classification (MCC) spam filter architecture * Md. Rafiqul Islam, Jaipal Singh, Ashley Chonka, and Wanlei Zhou, "Multi-Classifier Classification of Spam on a Ubiquitous Multi-Core Architecture", 2008 IFIP International Workshop on Network and System Security, IEEE, 2008
34 12.7. Our current projects on multi-core (continued) * Md. Rafiqul Islam, Jaipal Singh, Ashley Chonka, and Wanlei Zhou, "Multi-Classifier Classification of Spam on a Ubiquitous Multi-Core Architecture", 2008 IFIP International Workshop on Network and System Security, IEEE, 2008
35 12.7. Our current projects on multi-core (continued) Performance on spam classification by using multi-core * Md. Rafiqul Islam, Jaipal Singh, Ashley Chonka, and Wanlei Zhou, "Multi-Classifier Classification of Spam on a Ubiquitous Multi-Core Architecture", 2008 IFIP International Workshop on Network and System Security, IEEE, 2008
36 12.7. Our current projects on multi-core (continued) Performance on spam classification by using multi-core * Md. Rafiqul Islam, Jaipal Singh, Ashley Chonka, and Wanlei Zhou, "Multi-Classifier Classification of Spam on a Ubiquitous Multi-Core Architecture", 2008 IFIP International Workshop on Network and System Security, IEEE, 2008
37 12.7. Our current projects on multi-core (continued) Parallel intrusion detection system by using multi-core Packet-level parallelization Flow-level parallelization * Daxin Tian, Yang Xiang, A Multi-core Supported Intrusion Detection System, 2008 IFIP International Workshop on Network and System Security, IEEE, 2008
38 12.7. Our current projects on multi-core (continued) Performance on intrusion detection system by using multi-core 0.7 dropping rate (core x 1) dropping rate (core x 2) false negative rate false positive rate dropping rate (core x 3) dropping rate (core x 4) Figure 2. Dropping rate by different number of cores used Figure 3. False negative and false positive rate by different number of cores used * Yang Xiang, Wanlei Zhou, Using Multi-core Processors to Support Network Security Applications, 12 th IEEE International Workshop on Future Trends of Distributed Computing Systems, submitted May 2008
39 13. Conclusions Vision: system bodyguard Future research directions and conclusions
40 13.1. Vision: system bodyguard Multi-core provides a possibility for creating a Bodyguard for each personal computer and network device The Bodyguard will perform security-related tasks described previously, tailored to the needs of individuals (similar to the development of personalized web pages, Google desktop, etc.) The Bodyguard could become a killer application for multi-core, as security is everyone s concern nowadays The aim of system bodyguard: protect the system in real-time, at all times
41 13.2. Future research directions and conclusions Future research directions Partitioning and distributing workload of security-related applications Fine-grained multi-threading Smartly using the memory system Communications between cores Isolation between cores
42 13.2. Future research directions and conclusions (continued) What have we covered in this tutorial? Part 1: Introduction to multi-core Part 2: Background of multiprocessing Part 3: Security-related applications Part 4: Using multi-core to support securityrelated applications
43 13.2. Future research directions and conclusions (continued) Concluding remarks Multi-core provide security-related applications with more processing power Rethinking of building security-related applications from software perspective is essential Parallelism based on multi-core faces many challenges System bodyguard will be a future paradigm of security-related applications
44 Thank you very much! Questions? Prof Wanlei Zhou Deakin University, Australia Dr Yang Xiang Central Queensland University, Australia
Packet Inspection on Programmable Hardware
Abstract Packet Inspection on Programmable Hardware Benfano Soewito Information Technology Department, Bakrie University, Jakarta, Indonesia E-mail: benfano.soewito@bakrie.ac.id In the network security
More informationStreamIt on Fleet. Amir Kamil Computer Science Division, University of California, Berkeley UCB-AK06.
StreamIt on Fleet Amir Kamil Computer Science Division, University of California, Berkeley kamil@cs.berkeley.edu UCB-AK06 July 16, 2008 1 Introduction StreamIt [1] is a high-level programming language
More informationWorkloads Programmierung Paralleler und Verteilter Systeme (PPV)
Workloads Programmierung Paralleler und Verteilter Systeme (PPV) Sommer 2015 Frank Feinbube, M.Sc., Felix Eberhardt, M.Sc., Prof. Dr. Andreas Polze Workloads 2 Hardware / software execution environment
More informationWHY PARALLEL PROCESSING? (CE-401)
PARALLEL PROCESSING (CE-401) COURSE INFORMATION 2 + 1 credits (60 marks theory, 40 marks lab) Labs introduced for second time in PP history of SSUET Theory marks breakup: Midterm Exam: 15 marks Assignment:
More informationIntel PRO/1000 PT and PF Quad Port Bypass Server Adapters for In-line Server Appliances
Technology Brief Intel PRO/1000 PT and PF Quad Port Bypass Server Adapters for In-line Server Appliances Intel PRO/1000 PT and PF Quad Port Bypass Server Adapters for In-line Server Appliances The world
More information소프트웨어기반고성능침입탐지시스템설계및구현
소프트웨어기반고성능침입탐지시스템설계및구현 KyoungSoo Park Department of Electrical Engineering, KAIST M. Asim Jamshed *, Jihyung Lee*, Sangwoo Moon*, Insu Yun *, Deokjin Kim, Sungryoul Lee, Yung Yi* Department of Electrical
More informationFuture-ready security for small and mid-size enterprises
First line of defense for your network Quick Heal Terminator (UTM) (Unified Threat Management Solution) Data Sheet Future-ready security for small and mid-size enterprises Quick Heal Terminator is a high-performance,
More informationAutomatic compilation framework for Bloom filter based intrusion detection
Automatic compilation framework for Bloom filter based intrusion detection Dinesh C Suresh, Zhi Guo*, Betul Buyukkurt and Walid A. Najjar Department of Computer Science and Engineering *Department of Electrical
More informationDemand fetching is commonly employed to bring the data
Proceedings of 2nd Annual Conference on Theoretical and Applied Computer Science, November 2010, Stillwater, OK 14 Markov Prediction Scheme for Cache Prefetching Pranav Pathak, Mehedi Sarwar, Sohum Sohoni
More informationBloom Filter for Network Security Alex X. Liu & Haipeng Dai
Bloom Filter for Network Security Alex X. Liu & Haipeng Dai haipengdai@nju.edu.cn 313 CS Building Department of Computer Science and Technology Nanjing University Bloom Filters Given a set S = {x 1,x 2,x
More informationData Sheet. DPtech IPS2000 Series Intrusion Prevention System. Overview. Series IPS2000-MC-N. Features
Data Sheet DPtech IPS2000 Series DPtech IPS2000 Series Intrusion Prevention System Overview With the rapid development of network, application layer attacks emerge endlessly, such as worms, Trojan horses,
More informationAnalysis of Black-Hole Attack in MANET using AODV Routing Protocol
Analysis of Black-Hole Attack in MANET using Routing Protocol Ms Neha Choudhary Electronics and Communication Truba College of Engineering, Indore India Dr Sudhir Agrawal Electronics and Communication
More informationCOMPUTER NETWORK SECURITY
COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (9 th Week) 9. Firewalls and Intrusion Prevention Systems 9.Outline The Need for Firewalls Firewall Characterictics and Access Policy Type of Firewalls
More informationUsing Intel Streaming SIMD Extensions for 3D Geometry Processing
Using Intel Streaming SIMD Extensions for 3D Geometry Processing Wan-Chun Ma, Chia-Lin Yang Dept. of Computer Science and Information Engineering National Taiwan University firebird@cmlab.csie.ntu.edu.tw,
More informationChair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 8 System Vulnerabilities and Denial of Service Attacks System Vulnerabilities and
More informationBasic Concepts in Intrusion Detection
Technology Technical Information Services Security Engineering Roma, L Università Roma Tor Vergata, 23 Aprile 2007 Basic Concepts in Intrusion Detection JOVAN GOLIĆ Outline 2 Introduction Classification
More informationIQ for DNA. Interactive Query for Dynamic Network Analytics. Haoyu Song. HUAWEI TECHNOLOGIES Co., Ltd.
IQ for DNA Interactive Query for Dynamic Network Analytics Haoyu Song www.huawei.com Motivation Service Provider s pain point Lack of real-time and full visibility of networks, so the network monitoring
More informationNETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING.
NETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING. The old mantra of trust but verify just is not working. Never trust and verify is how we must apply security in this era of sophisticated breaches.
More informationKartik Lakhotia, Rajgopal Kannan, Viktor Prasanna USENIX ATC 18
Accelerating PageRank using Partition-Centric Processing Kartik Lakhotia, Rajgopal Kannan, Viktor Prasanna USENIX ATC 18 Outline Introduction Partition-centric Processing Methodology Analytical Evaluation
More informationACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems
ACS-3921/4921-001 Computer Security And Privacy Chapter 9 Firewalls and Intrusion Prevention Systems ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been
More informationA Study of High Performance Computing and the Cray SV1 Supercomputer. Michael Sullivan TJHSST Class of 2004
A Study of High Performance Computing and the Cray SV1 Supercomputer Michael Sullivan TJHSST Class of 2004 June 2004 0.1 Introduction A supercomputer is a device for turning compute-bound problems into
More informationChapter 9. Firewalls
Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential Effective means of protecting LANs Inserted between the premises network and the Internet to establish a controlled link however
More informationIntrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks
Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks So we are proposing a network intrusion detection system (IDS) which uses a Keywords: DDoS (Distributed Denial
More informationBloom Filters. References:
Bloom Filters References: Li Fan, Pei Cao, Jussara Almeida, Andrei Broder, Summary Cache: A Scalable Wide-Area Web Cache Sharing Protocol, IEEE/ACM Transactions on Networking, Vol. 8, No. 3, June 2000.
More informationUNIT I (Two Marks Questions & Answers)
UNIT I (Two Marks Questions & Answers) Discuss the different ways how instruction set architecture can be classified? Stack Architecture,Accumulator Architecture, Register-Memory Architecture,Register-
More informationProcessor Architectures At A Glance: M.I.T. Raw vs. UC Davis AsAP
Processor Architectures At A Glance: M.I.T. Raw vs. UC Davis AsAP Presenter: Course: EEC 289Q: Reconfigurable Computing Course Instructor: Professor Soheil Ghiasi Outline Overview of M.I.T. Raw processor
More informationAdvanced Pattern Based Virus Detection Algorithm for Network Security
National Conference on Emerging Trends in VLSI, Embedded and Communication Systems-2013 37 Advanced Pattern Based Virus Detection Algorithm for Network Security T.B. Binroy and B. Lakshmanan Abstract---
More informationCourse II Parallel Computer Architecture. Week 2-3 by Dr. Putu Harry Gunawan
Course II Parallel Computer Architecture Week 2-3 by Dr. Putu Harry Gunawan www.phg-simulation-laboratory.com Review Review Review Review Review Review Review Review Review Review Review Review Processor
More informationNetDefend Firewall UTM Services
NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860/1660/2560/2560G) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content
More informationDistributed System Framework for Mobile Cloud Computing
Bonfring International Journal of Research in Communication Engineering, Vol. 8, No. 1, February 2018 5 Distributed System Framework for Mobile Cloud Computing K. Arul Jothy, K. Sivakumar and M.J. Delsey
More informationAutomated Signature Generation: Overview and the NoAH Approach. Bernhard Tellenbach
Automated Signature Generation: Overview and the NoAH Approach Structure Motivation: The speed of insecurity Overview Building Blocks and Techniques The NoAH approach 2 The speed of insecurity Source:
More informationTowards High-performance Flow-level level Packet Processing on Multi-core Network Processors
Towards High-performance Flow-level level Packet Processing on Multi-core Network Processors Yaxuan Qi (presenter), Bo Xu, Fei He, Baohua Yang, Jianming Yu and Jun Li ANCS 2007, Orlando, USA Outline Introduction
More informationMIT Laboratory for Computer Science
The Raw Processor A Scalable 32 bit Fabric for General Purpose and Embedded Computing Michael Taylor, Jason Kim, Jason Miller, Fae Ghodrat, Ben Greenwald, Paul Johnson,Walter Lee, Albert Ma, Nathan Shnidman,
More informationANALYSIS AND EVALUATION OF DISTRIBUTED DENIAL OF SERVICE ATTACKS IDENTIFICATION METHODS
ANALYSIS AND EVALUATION OF DISTRIBUTED DENIAL OF SERVICE ATTACKS IDENTIFICATION METHODS Saulius Grusnys, Ingrida Lagzdinyte Kaunas University of Technology, Department of Computer Networks, Studentu 50,
More informationApplication Intelligence and Integrated Security Using Cisco Catalyst 6500 Supervisor Engine 32 PISA
Application Intelligence and Integrated Security Using Cisco Catalyst 6500 Supervisor Engine 32 PISA Overview The Cisco Catalyst 6500 Series Supervisor Engine 32 Programmable Intelligent Services Accelerator
More informationSerial. Parallel. CIT 668: System Architecture 2/14/2011. Topics. Serial and Parallel Computation. Parallel Computing
CIT 668: System Architecture Parallel Computing Topics 1. What is Parallel Computing? 2. Why use Parallel Computing? 3. Types of Parallelism 4. Amdahl s Law 5. Flynn s Taxonomy of Parallel Computers 6.
More informationConfigurable String Matching Hardware for Speeding up Intrusion Detection
Configurable String Matching Hardware for Speeding up Intrusion Detection Monther Aldwairi, Thomas Conte, Paul Franzon Dec 6, 2004 North Carolina State University {mmaldwai, conte, paulf}@ncsu.edu www.ece.ncsu.edu/erl
More informationDDoS Attack Detection Using Moment in Statistics with Discriminant Analysis
DDoS Attack Detection Using Moment in Statistics with Discriminant Analysis Pradit Pitaksathienkul 1 and Pongpisit Wuttidittachotti 2 King Mongkut s University of Technology North Bangkok, Thailand 1 praditp9@gmail.com
More informationComputer and Information Sciences College / Computer Science Department CS 207 D. Computer Architecture. Lecture 9: Multiprocessors
Computer and Information Sciences College / Computer Science Department CS 207 D Computer Architecture Lecture 9: Multiprocessors Challenges of Parallel Processing First challenge is % of program inherently
More informationActivating Intrusion Prevention Service
Activating Intrusion Prevention Service Intrusion Prevention Service Overview Configuring Intrusion Prevention Service Intrusion Prevention Service Overview Intrusion Prevention Service (IPS) delivers
More informationXIV International PhD Workshop OWD 2012, October Optimal structure of face detection algorithm using GPU architecture
XIV International PhD Workshop OWD 2012, 20 23 October 2012 Optimal structure of face detection algorithm using GPU architecture Dmitry Pertsau, Belarusian State University of Informatics and Radioelectronics
More informationComputer Architecture: Multithreading (I) Prof. Onur Mutlu Carnegie Mellon University
Computer Architecture: Multithreading (I) Prof. Onur Mutlu Carnegie Mellon University A Note on This Lecture These slides are partly from 18-742 Fall 2012, Parallel Computer Architecture, Lecture 9: Multithreading
More informationAn Introduction to Parallel Programming
An Introduction to Parallel Programming Ing. Andrea Marongiu (a.marongiu@unibo.it) Includes slides from Multicore Programming Primer course at Massachusetts Institute of Technology (MIT) by Prof. SamanAmarasinghe
More informationHybrid Regular Expression Matching for Deep Packet Inspection on Multi-Core Architecture
Hybrid Regular Expression Matching for Deep Packet Inspection on Multi-Core Architecture Yan Sun, Haiqin Liu, Victor C. Valgenti, and Min Sik Kim School of Electrical and Computer Engineering Washington
More informationCurriculum 2013 Knowledge Units Pertaining to PDC
Curriculum 2013 Knowledge Units Pertaining to C KA KU Tier Level NumC Learning Outcome Assembly level machine Describe how an instruction is executed in a classical von Neumann machine, with organization
More informationEarly Transition for Fully Adaptive Routing Algorithms in On-Chip Interconnection Networks
Technical Report #2012-2-1, Department of Computer Science and Engineering, Texas A&M University Early Transition for Fully Adaptive Routing Algorithms in On-Chip Interconnection Networks Minseon Ahn,
More informationAn Enhanced Bloom Filter for Longest Prefix Matching
An Enhanced Bloom Filter for Longest Prefix Matching Gahyun Park SUNY-Geneseo Email: park@geneseo.edu Minseok Kwon Rochester Institute of Technology Email: jmk@cs.rit.edu Abstract A Bloom filter is a succinct
More informationLecture 12. Application Layer. Application Layer 1
Lecture 12 Application Layer Application Layer 1 Agenda The Application Layer (continue) Web and HTTP HTTP Cookies Web Caches Simple Introduction to Network Security Various actions by network attackers
More informationTECHNOLOGY BRIEF. Compaq 8-Way Multiprocessing Architecture EXECUTIVE OVERVIEW CONTENTS
TECHNOLOGY BRIEF March 1999 Compaq Computer Corporation ISSD Technology Communications CONTENTS Executive Overview1 Notice2 Introduction 3 8-Way Architecture Overview 3 Processor and I/O Bus Design 4 Processor
More informationHigh Ppeed Circuit Techniques for Network Intrusion Detection Systems (NIDS)
The University of Akron IdeaExchange@UAkron Mechanical Engineering Faculty Research Mechanical Engineering Department 2008 High Ppeed Circuit Techniques for Network Intrusion Detection Systems (NIDS) Ajay
More informationAccelerating String Matching Algorithms on Multicore Processors Cheng-Hung Lin
Accelerating String Matching Algorithms on Multicore Processors Cheng-Hung Lin Department of Electrical Engineering, National Taiwan Normal University, Taipei, Taiwan Abstract String matching is the most
More informationPayload Inspection Using Parallel Bloom Filter in Dual Core Processor
Payload Inspection Using Parallel Bloom Filter in Dual Core Processor Arulanand Natarajan (Corresponding author) Anna University Coimbatore, TN, India E-mail: arulnat@yahoo.com S. Subramanian Sri Krishna
More informationTOWARDS HIGH-PERFORMANCE NETWORK APPLICATION IDENTIFICATION WITH AGGREGATE-FLOW CACHE
TOWARDS HIGH-PERFORMANCE NETWORK APPLICATION IDENTIFICATION WITH AGGREGATE-FLOW CACHE Fei He 1, 2, Fan Xiang 1, Yibo Xue 2,3 and Jun Li 2,3 1 Department of Automation, Tsinghua University, Beijing, China
More informationComparison of Firewall, Intrusion Prevention and Antivirus Technologies
Comparison of Firewall, Intrusion Prevention and Antivirus Technologies (How each protects the network) Dr. Gaurav Kumar Jain Email: gaurav.rinkujain.jain@gmail.com Mr. Pradeep Sharma Mukul Verma Abstract
More informationComputer Architecture: Parallel Processing Basics. Prof. Onur Mutlu Carnegie Mellon University
Computer Architecture: Parallel Processing Basics Prof. Onur Mutlu Carnegie Mellon University Readings Required Hill, Jouppi, Sohi, Multiprocessors and Multicomputers, pp. 551-560 in Readings in Computer
More informationThe Google File System
The Google File System Sanjay Ghemawat, Howard Gobioff and Shun Tak Leung Google* Shivesh Kumar Sharma fl4164@wayne.edu Fall 2015 004395771 Overview Google file system is a scalable distributed file system
More informationExtensible Network Security Services on Software Programmable Router OS. David Yau, Prem Gopalan, Seung Chul Han, Feng Liang
Extensible Network Security Services on Software Programmable Router OS David Yau, Prem Gopalan, Seung Chul Han, Feng Liang System Software and Architecture Lab Department of Computer Sciences Purdue University
More informationUsing Industry Standards to Exploit the Advantages and Resolve the Challenges of Multicore Technology
Using Industry Standards to Exploit the Advantages and Resolve the Challenges of Multicore Technology September 19, 2007 Markus Levy, EEMBC and Multicore Association Enabling the Multicore Ecosystem Multicore
More information2. INTRUDER DETECTION SYSTEMS
1. INTRODUCTION It is apparent that information technology is the backbone of many organizations, small or big. Since they depend on information technology to drive their business forward, issues regarding
More informationBUFFERZONE Advanced Endpoint Security
BUFFERZONE Advanced Endpoint Security Enterprise-grade Containment, Bridging and Intelligence BUFFERZONE defends endpoints against a wide range of advanced and targeted threats with patented containment,
More informationNext-Generation Firewall Series Datasheet
RUIJIE NETWORKS COMPANY LIMITED www.ruijienetworks.com Ruijie 1600 Next-Generation Firewall Series Datasheet Ruijie 1600 Firewall Series is a collection of nextgeneration firewall offering security, routing
More informationStreamWorks A System for Real-Time Graph Pattern Matching on Network Traffic
StreamWorks A System for Real-Time Graph Pattern Matching on Network Traffic GEORGE CHIN, SUTANAY CHOUDHURY AND KHUSHBU AGARWAL Pacific Northwest National Laboratory 1 Emerging Graph Patterns Goal: Detect
More informationA Hybrid Approach to CAM-Based Longest Prefix Matching for IP Route Lookup
A Hybrid Approach to CAM-Based Longest Prefix Matching for IP Route Lookup Yan Sun and Min Sik Kim School of Electrical Engineering and Computer Science Washington State University Pullman, Washington
More informationA Hybrid Hierarchical Control Plane for Software-Defined Network
A Hybrid Hierarchical Control Plane for Software-Defined Network Arpitha T 1, Usha K Patil 2 1* MTech Student, Computer Science & Engineering, GSSSIETW, Mysuru, India 2* Assistant Professor, Dept of CSE,
More informationInternet Security: Firewall
Internet Security: Firewall What is a Firewall firewall = wall to protect against fire propagation More like a moat around a medieval castle restricts entry to carefully controlled points restricts exits
More informationEudemon 1000E. Eudemon 1000E Series Product Quick Reference. Huawei Technologies Co., Ltd.
Eudemon 1000E Eudemon 1000E Series Product Quick Reference Huawei Technologies Co., Ltd. Eudemon 1000E The Eudemon 1000E series product is a new generation security gateway of multiple functions, which
More informationScalable, multithreaded, shared memory machine Designed for single word random global access patterns Very good at large graph problems
Cray XMT Scalable, multithreaded, shared memory machine Designed for single word random global access patterns Very good at large graph problems Next Generation Cray XMT Goals Memory System Improvements
More informationSpeculative Parallelization Technology s only constant is CHANGE. Devarshi Ghoshal Sreesudhan
Speculative Parallelization Technology s only constant is CHANGE Devarshi Ghoshal Sreesudhan Agenda Moore s law What is speculation? What is parallelization? Amdahl s law Communication between parallely
More informationA New Logging-based IP Traceback Approach using Data Mining Techniques
using Data Mining Techniques Internet & Multimedia Engineering, Konkuk University, Seoul, Republic of Korea hsriverv@gmail.com, kimsr@konuk.ac.kr Abstract IP Traceback is a way to search for sources of
More informationPerformance Improvement by N-Chance Clustered Caching in NoC based Chip Multi-Processors
Performance Improvement by N-Chance Clustered Caching in NoC based Chip Multi-Processors Rakesh Yarlagadda, Sanmukh R Kuppannagari, and Hemangee K Kapoor Department of Computer Science and Engineering
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 19: Intrusion Detection Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Intruders Intrusion detection host-based network-based
More informationManaging Dynamic Reconfiguration Overhead in Systems-on-a-Chip Design Using Reconfigurable Datapaths and Optimized Interconnection Networks
Managing Dynamic Reconfiguration Overhead in Systems-on-a-Chip Design Using Reconfigurable Datapaths and Optimized Interconnection Networks Zhining Huang, Sharad Malik Electrical Engineering Department
More informationGregex: GPU based High Speed Regular Expression Matching Engine
11 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing Gregex: GPU based High Speed Regular Expression Matching Engine Lei Wang 1, Shuhui Chen 2, Yong Tang
More informationExploiting ILP, TLP, and DLP with the Polymorphous TRIPS Architecture
Exploiting ILP, TLP, and DLP with the Polymorphous TRIPS Architecture Ramadass Nagarajan Karthikeyan Sankaralingam Haiming Liu Changkyu Kim Jaehyuk Huh Doug Burger Stephen W. Keckler Charles R. Moore Computer
More informationThe NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware
The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware Matthias Vallentin 1, Robin Sommer 2,3, Jason Lee 2, Craig Leres 2 Vern Paxson 3,2, and Brian Tierney 2 1 TU München
More informationRuler: High-Speed Packet Matching and Rewriting on Network Processors
Ruler: High-Speed Packet Matching and Rewriting on Network Processors Tomáš Hrubý Kees van Reeuwijk Herbert Bos Vrije Universiteit, Amsterdam World45 Ltd. ANCS 2007 Tomáš Hrubý (VU Amsterdam, World45)
More informationParallel Computing. Slides credit: M. Quinn book (chapter 3 slides), A Grama book (chapter 3 slides)
Parallel Computing 2012 Slides credit: M. Quinn book (chapter 3 slides), A Grama book (chapter 3 slides) Parallel Algorithm Design Outline Computational Model Design Methodology Partitioning Communication
More informationSecure coding practices
Secure coding practices www.infosys.com/finacle Universal Banking Solution Systems Integration Consulting Business Process Outsourcing Secure coding practices Writing good code is an art but equally important
More informationFinal Lecture. A few minutes to wrap up and add some perspective
Final Lecture A few minutes to wrap up and add some perspective 1 2 Instant replay The quarter was split into roughly three parts and a coda. The 1st part covered instruction set architectures the connection
More informationMotivation for Parallelism. Motivation for Parallelism. ILP Example: Loop Unrolling. Types of Parallelism
Motivation for Parallelism Motivation for Parallelism The speed of an application is determined by more than just processor speed. speed Disk speed Network speed... Multiprocessors typically improve the
More informationGame Theoretic Solutions to Cyber Attack and Network Defense Problems
Game Theoretic Solutions to Cyber Attack and Network Defense Problems 12 th ICCRTS "Adapting C2 to the 21st Century Newport, Rhode Island, June 19-21, 2007 Automation, Inc Dan Shen, Genshe Chen Cruz &
More informationClient Server & Distributed System. A Basic Introduction
Client Server & Distributed System A Basic Introduction 1 Client Server Architecture A network architecture in which each computer or process on the network is either a client or a server. Source: http://webopedia.lycos.com
More informationCIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 12
CIS 551 / TCOM 401 Computer and Network Security Spring 2007 Lecture 12 Announcements Project 2 is on the web. Due: March 15th Send groups to Jeff Vaughan (vaughan2@seas) by Thurs. Feb. 22nd. Plan for
More informationA Firewall Architecture to Enhance Performance of Enterprise Network
A Firewall Architecture to Enhance Performance of Enterprise Network Hailu Tegenaw HiLCoE, Computer Science Programme, Ethiopia Commercial Bank of Ethiopia, Ethiopia hailutegenaw@yahoo.com Mesfin Kifle
More informationIntroduction Challenges with using ML Guidelines for using ML Conclusions
Introduction Challenges with using ML Guidelines for using ML Conclusions Misuse detection Exact descriptions of known bad behavior Anomaly detection Deviations from profiles of normal behavior First proposed
More informationronny@mit.edu www.cag.lcs.mit.edu/scale Introduction Architectures are all about exploiting the parallelism inherent to applications Performance Energy The Vector-Thread Architecture is a new approach
More informationAde Miller Senior Development Manager Microsoft patterns & practices
Ade Miller (adem@microsoft.com) Senior Development Manager Microsoft patterns & practices Save time and reduce risk on your software development projects by incorporating patterns & practices, Microsoft's
More informationait: WORST-CASE EXECUTION TIME PREDICTION BY STATIC PROGRAM ANALYSIS
ait: WORST-CASE EXECUTION TIME PREDICTION BY STATIC PROGRAM ANALYSIS Christian Ferdinand and Reinhold Heckmann AbsInt Angewandte Informatik GmbH, Stuhlsatzenhausweg 69, D-66123 Saarbrucken, Germany info@absint.com
More informationOnline Course Evaluation. What we will do in the last week?
Online Course Evaluation Please fill in the online form The link will expire on April 30 (next Monday) So far 10 students have filled in the online form Thank you if you completed it. 1 What we will do
More informationOVERHEADS ENHANCEMENT IN MUTIPLE PROCESSING SYSTEMS BY ANURAG REDDY GANKAT KARTHIK REDDY AKKATI
CMPE 655- MULTIPLE PROCESSOR SYSTEMS OVERHEADS ENHANCEMENT IN MUTIPLE PROCESSING SYSTEMS BY ANURAG REDDY GANKAT KARTHIK REDDY AKKATI What is MULTI PROCESSING?? Multiprocessing is the coordinated processing
More informationSecurity Research for Software Defined Network
, pp.87-93 http://dx.doi.org/10.14257/astl.2016.134.15 Security Research for Software Defined Network 1 Jianfei Zhou, 2 Na Liu 1 Admission and Employment Office, Chongqing Industry Polytechnic College
More informationOpenMP for next generation heterogeneous clusters
OpenMP for next generation heterogeneous clusters Jens Breitbart Research Group Programming Languages / Methodologies, Universität Kassel, jbreitbart@uni-kassel.de Abstract The last years have seen great
More informationExam : Title : Security Solutions for Systems Engineers. Version : Demo
Exam : 642-566 Title : Security Solutions for Systems Engineers Version : Demo 1. Which one of the following elements is essential to perform events analysis and correlation? A. implementation of a centralized
More informationECE519 Advanced Operating Systems
IT 540 Operating Systems ECE519 Advanced Operating Systems Prof. Dr. Hasan Hüseyin BALIK (10 th Week) (Advanced) Operating Systems 10. Multiprocessor, Multicore and Real-Time Scheduling 10. Outline Multiprocessor
More informationA New Platform NIDS Based On WEMA
I.J. Information Technology and Computer Science, 2015, 06, 52-58 Published Online May 2015 in MECS (http://www.mecs-press.org/) DOI: 10.5815/ijitcs.2015.06.07 A New Platform NIDS Based On WEMA Adnan A.
More informationDesign methodology for multi processor systems design on regular platforms
Design methodology for multi processor systems design on regular platforms Ph.D in Electronics, Computer Science and Telecommunications Ph.D Student: Davide Rossi Ph.D Tutor: Prof. Roberto Guerrieri Outline
More informationDDOS Attack Prevention Technique in Cloud
DDOS Attack Prevention Technique in Cloud Priyanka Dembla, Chander Diwaker CSE Department, U.I.E.T Kurukshetra University Kurukshetra, Haryana, India Email: priyankadembla05@gmail.com Abstract Cloud computing
More informationOperating System Performance and Large Servers 1
Operating System Performance and Large Servers 1 Hyuck Yoo and Keng-Tai Ko Sun Microsystems, Inc. Mountain View, CA 94043 Abstract Servers are an essential part of today's computing environments. High
More informationFIREWALL BEST PRACTICES TO BLOCK
Brought to you by Enterprie Control Systems FIREWALL BEST PRACTICES TO BLOCK Recent ransomware attacks like Wanna and Petya have spread largely unchecked through corporate networks in recent months, extorting
More information[Nitnaware *, 5(11): November 2018] ISSN DOI /zenodo Impact Factor
[Nitnaware *, 5(11): November 218] ISSN 2348 834 DOI- 1.5281/zenodo.1495289 Impact Factor- 5.7 GLOBAL JOURNAL OF ENGINEERING SCIENCE AND RESEARCHES INVESTIGATION OF DETECTION AND PREVENTION SCHEME FOR
More information