TU Berlin

Robin Sommer's Publications

Operational Experiences with High-Volume Network Intrusion Detection
Citation key DFPS-OEHNID-04
Author Dreger, Holger and Feldmann, Anja and Paxson, Vern and Sommer, Robin
Book title CCS '04: Proceedings of the 11th ACM conference on Computer and communications security
Pages 2–11
Year 2004
ISBN 1-58113-961-6
DOI http://dx.doi.org/10.1145/1030083.1030086
Location Washington DC, USA
Address New York, NY, USA
Publisher ACM Press
Abstract In large-scale environments, network intrusion detection systems (NIDSs) face extreme challenges with respect to traffic volume, traffic diversity, and resource management. While crucial for acceptance and operational deployment, the research literature mainly omits such practical difficulties. In this paper, we offer an evaluation based on extensive operational experience. More specifically, we identify and explore key factors with respect to resource management and efficient packet processing and highlight their impact using a set of real-world traces. On the one hand, these insights help us gauge the trade-offs of tuning a NIDS. On the other hand, they motivate us to explore several novel ways of reducing resource requirements. These enable us to improve the state management considerably as well as balance the processing load dynamically. Overall this enables us to operate a NIDS successfully in our high-volume network environments.