Sciweavers

RAID
2007
Springer

The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware

13 years 9 months ago
The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware
Abstract. In this work we present a NIDS cluster as a scalable solution for realizing high-performance, stateful network intrusion detection on commodity hardware. The design addresses three challenges: (i) distributing traffic evenly across an extensible set of analysis nodes in a fashion that minimizes the communication required for coordination, (ii) adapting the NIDS’s operation to support coordinating its low-level analysis rather than just aggregating alerts; and (iii) validating that the cluster produces sound results. Prototypes of our NIDS cluster now operate at the Lawrence Berkeley National Laboratory and the University of California at Berkeley. In both environments the clusters greatly enhance the power of the network security monitoring.
Matthias Vallentin, Robin Sommer, Jason Lee, Craig
Added 09 Jun 2010
Updated 09 Jun 2010
Type Conference
Year 2007
Where RAID
Authors Matthias Vallentin, Robin Sommer, Jason Lee, Craig Leres, Vern Paxson, Brian Tierney
Comments (0)