Loading...
Loading...

Go to the content (press return)

Hardware/software mechanisms for protecting an IDS against algorithmic complexity attacks

Author
Sreekar Shenoy, G.; Tubella, J.; Gonzalez, A.
Type of activity
Presentation of work at congresses
Name of edition
IEEE 26th International Parallel and Distributed Processing Symposium
Date of publication
2012
Presentation's date
2012
Book of congress proceedings
IEEE 26th International Parallel and Distributed Processing Symposium workshops & PhD forum (IPDPSW), 2012: 21-25 May 2012, Shanghai, China
First page
1190
Last page
1196
Publisher
Institute of Electrical and Electronics Engineers (IEEE)
DOI
https://doi.org/10.1109/IPDPSW.2012.145 Open in new window
Repository
http://hdl.handle.net/2117/19426 Open in new window
URL
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6270773 Open in new window
Abstract
Intrusion Detection Systems (IDS) have emerged as one of the most promising ways to secure systems in the network. An IDS like the popular Snort[17] detects attacks on the network using a database of previous attacks. So in order to detect these attack strings in the packet, Snort uses the Aho-Corasick algorithm. This algorithm first constructs a Finite State Machine (FSM) from the attack strings, and subsequently traverses the FSM using bytes from the packet. We observe that there are input byt...
Citation
Sreekar Shenoy, G.; Tubella, J.; González, A. Hardware/software mechanisms for protecting an IDS against algorithmic complexity attacks. A: IEEE International Parallel and Distributed Processing Symposium. "Proceedings of the 2012 IEEE 26th International Parallel and Distributed Processing Symposium: workshops: 21-25 May 2012, Shanghai, China". Shanghai: Institute of Electrical and Electronics Engineers (IEEE), 2012, p. 1190-1196.
Keywords
Defense mechanisms, Hardware support, Intrusion detection systems
Group of research
ARCO - Microarchitecture and Compilers

Participants