Design of cloud-based parallel exclusive signature matching model in intrusion detection

Yuxin Meng; Wenjuan Li; Lam For Kwok

doi:10.1109/HPCC.and.EUC.2013.34

Design of cloud-based parallel exclusive signature matching model in intrusion detection

Yuxin Meng, Wenjuan Li, Lam For Kwok

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

12 Citations (Scopus)

Abstract

Signature-based intrusion detection systems have been widely deployed in current network environments to defend against various attacks, but the expensive process of signature matching is a major suffering problem for these detection systems. Thus, a high-performance signature matching scheme is of great importance for a signature-based IDS. In our previous work, we have developed an exclusive signature matching scheme that aims to identify a mismatch instead of locating an accurate match and achieved good results in the experiments. With the advent of Cloud Computing, IDS as a service (IDSaaS) has been proposed as an alternative by offloading the expensive operations such as the process of signature matching to the cloud. In this paper, we attempt to design a parallel model to conduct the exclusive signature matching in a cloud. In the evaluation, we implemented our model in a cloud environment and investigated its performance compared with Snort. The experimental results indicate that our proposed model can achieve promising performance in such a cloud environment.

Original language	English
Title of host publication	Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013
Publisher	IEEE Computer Society
Pages	175-182
Number of pages	8
ISBN (Print)	9780769550886
DOIs	https://doi.org/10.1109/HPCC.and.EUC.2013.34
Publication status	Published - 2014
Externally published	Yes
Event	15th IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 11th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2013 - Zhangjiajie, Hunan, China Duration: 13 Nov 2013 → 15 Nov 2013

Publication series

Name	Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013

Conference

Conference	15th IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 11th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2013
Country/Territory	China
City	Zhangjiajie, Hunan
Period	13/11/13 → 15/11/13

Keywords

Cloud Computing
Exclusive Signature Matching
Intrusion Detection
Parallel Model

ASJC Scopus subject areas

Software

More information

10.1109/HPCC.and.EUC.2013.34

Cite this

Meng, Y., Li, W., & Kwok, L. F. (2014). Design of cloud-based parallel exclusive signature matching model in intrusion detection. In Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013 (pp. 175-182). Article 6831916 (Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013). IEEE Computer Society. https://doi.org/10.1109/HPCC.and.EUC.2013.34

Meng, Yuxin ; Li, Wenjuan ; Kwok, Lam For. / Design of cloud-based parallel exclusive signature matching model in intrusion detection. Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013. IEEE Computer Society, 2014. pp. 175-182 (Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013).

@inproceedings{bc9dfc040dca4858bded468f5514d3bf,

title = "Design of cloud-based parallel exclusive signature matching model in intrusion detection",

abstract = "Signature-based intrusion detection systems have been widely deployed in current network environments to defend against various attacks, but the expensive process of signature matching is a major suffering problem for these detection systems. Thus, a high-performance signature matching scheme is of great importance for a signature-based IDS. In our previous work, we have developed an exclusive signature matching scheme that aims to identify a mismatch instead of locating an accurate match and achieved good results in the experiments. With the advent of Cloud Computing, IDS as a service (IDSaaS) has been proposed as an alternative by offloading the expensive operations such as the process of signature matching to the cloud. In this paper, we attempt to design a parallel model to conduct the exclusive signature matching in a cloud. In the evaluation, we implemented our model in a cloud environment and investigated its performance compared with Snort. The experimental results indicate that our proposed model can achieve promising performance in such a cloud environment.",

keywords = "Cloud Computing, Exclusive Signature Matching, Intrusion Detection, Parallel Model",

author = "Yuxin Meng and Wenjuan Li and Kwok, {Lam For}",

year = "2014",

doi = "10.1109/HPCC.and.EUC.2013.34",

language = "English",

isbn = "9780769550886",

series = "Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013",

publisher = "IEEE Computer Society",

pages = "175--182",

booktitle = "Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013",

address = "United States",

note = "15th IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 11th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2013 ; Conference date: 13-11-2013 Through 15-11-2013",

}

Meng, Y, Li, W & Kwok, LF 2014, Design of cloud-based parallel exclusive signature matching model in intrusion detection. in Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013., 6831916, Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013, IEEE Computer Society, pp. 175-182, 15th IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 11th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2013, Zhangjiajie, Hunan, China, 13/11/13. https://doi.org/10.1109/HPCC.and.EUC.2013.34

Design of cloud-based parallel exclusive signature matching model in intrusion detection. / Meng, Yuxin; Li, Wenjuan; Kwok, Lam For.
Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013. IEEE Computer Society, 2014. p. 175-182 6831916 (Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013).

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

TY - GEN

T1 - Design of cloud-based parallel exclusive signature matching model in intrusion detection

AU - Meng, Yuxin

AU - Li, Wenjuan

AU - Kwok, Lam For

PY - 2014

Y1 - 2014

N2 - Signature-based intrusion detection systems have been widely deployed in current network environments to defend against various attacks, but the expensive process of signature matching is a major suffering problem for these detection systems. Thus, a high-performance signature matching scheme is of great importance for a signature-based IDS. In our previous work, we have developed an exclusive signature matching scheme that aims to identify a mismatch instead of locating an accurate match and achieved good results in the experiments. With the advent of Cloud Computing, IDS as a service (IDSaaS) has been proposed as an alternative by offloading the expensive operations such as the process of signature matching to the cloud. In this paper, we attempt to design a parallel model to conduct the exclusive signature matching in a cloud. In the evaluation, we implemented our model in a cloud environment and investigated its performance compared with Snort. The experimental results indicate that our proposed model can achieve promising performance in such a cloud environment.

AB - Signature-based intrusion detection systems have been widely deployed in current network environments to defend against various attacks, but the expensive process of signature matching is a major suffering problem for these detection systems. Thus, a high-performance signature matching scheme is of great importance for a signature-based IDS. In our previous work, we have developed an exclusive signature matching scheme that aims to identify a mismatch instead of locating an accurate match and achieved good results in the experiments. With the advent of Cloud Computing, IDS as a service (IDSaaS) has been proposed as an alternative by offloading the expensive operations such as the process of signature matching to the cloud. In this paper, we attempt to design a parallel model to conduct the exclusive signature matching in a cloud. In the evaluation, we implemented our model in a cloud environment and investigated its performance compared with Snort. The experimental results indicate that our proposed model can achieve promising performance in such a cloud environment.

KW - Cloud Computing

KW - Exclusive Signature Matching

KW - Intrusion Detection

KW - Parallel Model

UR - http://www.scopus.com/inward/record.url?scp=84903952214&partnerID=8YFLogxK

U2 - 10.1109/HPCC.and.EUC.2013.34

DO - 10.1109/HPCC.and.EUC.2013.34

M3 - Conference article published in proceeding or book

AN - SCOPUS:84903952214

SN - 9780769550886

T3 - Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013

SP - 175

EP - 182

BT - Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013

PB - IEEE Computer Society

T2 - 15th IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 11th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2013

Y2 - 13 November 2013 through 15 November 2013

ER -

Meng Y, Li W, Kwok LF. Design of cloud-based parallel exclusive signature matching model in intrusion detection. In Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013. IEEE Computer Society. 2014. p. 175-182. 6831916. (Proceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013). doi: 10.1109/HPCC.and.EUC.2013.34

Design of cloud-based parallel exclusive signature matching model in intrusion detection

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

More information

Other files and links

Fingerprint

Cite this