Implementation of an Energy-Saving Bro-Aware Load Balancer at 100 Gbps with Closed-Loop Flow Policy Control
Small Business Information
632 Broadway, Suite 803, New York, NY, 10012
AbstractIn an increasingly hostile computing environment, Network Intrusion Detection Systems (NIDS) serve an indispensable role in preserving the integrity of computer networks. This comes to manifest as the DOE is working at a national level to secure a number of strategic network entry points using Bro [DOE06, DOE09], a powerful NIDS developed by the networking group at the International Computer Science Institute (ICSI) in Berkeley, California. Existing NIDS such as Bro, however, have been for the most part deployed as single-node appliances protecting a specific network asset. This architecture is being driven to a breaking point by two independent realities: first, as network data-rates increase, single-node NIDS boxes are being overwhelmed by the quantity of computation they must perform to continuously secure the network; second, as attacks become ever more sophisticated, NIDS have to incorporate more complex traffic analysis heuristics that further stress the system
* information listed above is at the time of submission.