A High-Performance Dependable Network Intrusion Prevention System with Adaptive Clustering
Date Issued
2007
Date
2007
Author(s)
Lin, Jung-Feng
DOI
en-US
Abstract
Security has become a big issue for all organizations in today's network environ-ment. More and more systems have been developed to secure the network infrastructure and communication over the Internet. Network intrusion prevention system (NIPS) is a kind of security system which can perform deeply content inspection and block the sus-pected packets. The demand for high performance NIPS is driven by the growing bandwidth available and the more complex packet inspection. In this thesis, we propose a clustering scheme by aggregating several devices to provide high throughput and im-plement the network intrusion prevention system over a cluster. The proposed scheme makes incoming traffic self-dispatched and applies traffic redistribution to keep the load of devices balanced. Base on the cluster scheme, we design a dynamic migration ap-proach to fast achieve the state of load balance with the variance of network. This clus-tering scheme also supports the fault tolerance and dynamic expansion without shutting down the system. Based on the designed architecture, we deploy Snort, which is a well-known and popular NIPS, on each device of the cluster and implement all the pro-posed mechanisms as kernel modules over embedded Linux. According to the results of performance evaluation, we can successfully build a high performance, dependable NIPS by means of the proposed schemes over the designed in-line device cluster.
Subjects
入侵防禦系統
叢集式架構
動態負載平衡
high performance packet process
IPS
cluster
load balance
fault tolerant
Type
thesis
File(s)![Thumbnail Image]()
Loading...
Name
ntu-96-R94921107-1.pdf
Size
23.31 KB
Format
Adobe PDF
Checksum
(MD5):260dd8831d2ef0429b69e7f908cfa1b8