By Topic

A high-performance clustering scheme with application in network intrusion prevention system

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Chien-Hua Chiu ; Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan ; Jung-Feng Lin ; Jiunn-Jye Lee ; Chin-Laung Lei

As network security gains more and more attention, network intrusion prevention systems (NIPS) gradually become one of the most important network systems used in modern Internet environment. The demand for high performance NIPS is driven by the growing bandwidth available in the last mile WAN links as well as the increasing complexity of packet inspection. In this paper, we propose an adaptive clustering scheme to scale the throughput of in-line devices. The proposed scheme aggregates the processing power of multiple in-line devices in a cluster by making incoming traffic self-dispatched in a transparent fashion, and incorporates a traffic redistribution mechanism that keeps the load of each device balanced. The cluster is also able to tolerate device failures so that devices in the cluster can be inserted or removed while the system is running. Based on the designed architecture, we deploy Snort, which is a well-known and popular NIPS, on each device of the cluster and implement all the proposed mechanisms as kernel modules over embedded Linux. According to the results of performance evaluation, we successfully build a high performance, load balancing, and fault tolerant NIPS by means of the proposed mechanisms over the designed in-line device cluster.

Published in:

Communications and Information Technologies, 2007. ISCIT '07. International Symposium on

Date of Conference:

17-19 Oct. 2007