High Performance Networks - Compilation and Optimization of Protocol Analyzers
Network-based intrusion detection and prevention (IDP) systems provide effective site-wide security at institutions such as DOE national laboratories by detecting and eliminating malicious network traffic before it reaches vulnerable host systems. To identify malware reliably without triggering false positives, IDP systems must be Â¿protocol aware,Â¿ properly identifying and interpreting the many network protocols in use. However, the protocol analysis modules needed for this task typically are not amenable to high-speed network processing, making protocol-aware IDP systems unable to keep pace with available high-bandwidth network technologies such as 10 Gbps Ethernet. This project aims to enable dramatically higher performance for protocol-aware IDP systems while simplifying the development of needed protocol analysis code. The approach involves the development of a domain-specific language for expressing protocols and a compiler to map this language to high-speed network processing platforms. The initial focus will be on multicore network processors with hardware-accelerated pattern matching. Commercial Applications and other Benefits as described by the awardee: Network-based IDP systems are widely deployed across commercial, governmental, and educational sites, as well as at DOE facilities. Thus, this technology should be applicable for any organization that seeks to maintain a secure internal network using IDP systems. Increasing network security will benefit the public in many ways, including reduced business and government costs for recovering from network intrusions and higher security for private data held by these institutions.
Small Business Information at Submission:
Reservoir Labs, Inc.
632 Broadway Suite 803 New York, NY 10012
Number of Employees: