Sujayyendhiren, Kaiqi Xiong, Minseok Kwon. O pen BIDS a NIDS. Experimental Setup OpenBIDS. High Level Architecture. Detailed Architecture. Metadata – Kernel to Userspace. Bloom Filter Configuration. Signature Format.
PowerPoint Slideshow about ' O pen BIDS a NIDS' - airlia
An Image/Link below is provided (as is) to download presentation
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
OpenBIDS offers the feature of adding bloom filter rules at run time.
If a signature match is identified by bloom filter, it is followed by a hashtable lookup in the user space. On successful lookup , a relevant rule is added dynamically into flow table using OpenFlow framework.
Multiple pattern matching for each data plane packet.
Bloom filter parameters like ‘k’ , ‘m’ are configured statically at compile time.
Optimizing memory operations like memory copying and memory initializations.
Instead of exhaustive matching of data packet for signatures, feedback based increase in checking for multiple patterns i.e. if a lookup match is identified as false positive by user space then gradually increase the number of pattern matches for a flow.