Title: High performance platform independent content analysis for network processing
Author: Munoz, Antonio
Awarding Body: Queen's University Belfast
Current Institution: Queen's University Belfast
Date of Award: 2013
Availability of Full Text:
Full text unavailable from EThOS.
Please contact the current institution’s library for further details.
The Internet is the global infrastructure for communication, education, entertainment and commerce. As network systems increase in connection speeds and data volume, high performance network intrusion detection and prevention systems must evolve to protect users and businesses from organized and opportunistic crimes motivated by financial and political interests. A detailed study of several well-known network intrusion detection and prevention systems (e.g. Snort) revealed the platform dependency of security rules notation. This thesis describes the design and implementation of Snort2regex, an efficient and accurate tool for compiling Snort rules into regular expression syntax. The regular expression syntax provides a platform independent notation that ensures high levels of security in multiple environments. Several alternative parallel architectures are introduced to attempt to improve the performance of network intrusion detection and prevention systems. In order to show the benefits of the Snort2regex compiler, this work also presents SnortEX, a novel software based network intrusion detection and prevention system that benefits from the scalability of the parallel architectures previously introduced. The proposed architecture of SnortEX was evaluated, and several methods of optimization are studied to improve the performance and integration between the Snort2regex compiled rule set and SnortEX. Finally, the system is benchmarked and shows a 3 to 17x improvement in performance against a standard Snort implementation.
Supervisor: Not available
Sponsor: Not available
Qualification Name: Thesis (Ph.D.)
Qualification Level: Doctoral
EThOS ID:  DOI: Not available