Title :
Intrusion detection at 100G
Author :
Campbell, Scott ; Lee, Jason
Abstract :
Driven by the growing data transfer needs of the scientific community and the standardization of the 100 Gbps Ethernet Specification, 100 Gbps is now becoming a reality for many HPC sites. This tenfold increase in bandwidth creates a number of significant technical challenges. We show that by using the heavy tail flow effect as a filter, it should be possible to perform active IDS analysis at this traffic rate using a cluster of commodity systems driven by a dedicated load balancing mechanism. Additionally, we examine the nature of current network traffic characteristics applying them to 100 Gpbs speeds.
Keywords :
computer network security; local area networks; resource allocation; 100 Gbps Ethernet specification; IDS analysis; commodity systems; dedicated load balancing mechanism; intrusion detection; traffic rate; Bandwidth; Hardware; IP networks; Monitoring; Security; Software; Timing;
Conference_Titel :
High Performance Computing, Networking, Storage and Analysis (SC), 2011 International Conference for
Electronic_ISBN :
978-1-4503-0771-0
