@inbook{71f4d2492a90457b9aa93dca181b97e0,
title = "Design and Implementation of a Linux Kernel Based Intrusion Prevention System in Gigabit Network Using Commodity Hardware",
abstract = "Due to the development of the Internet, much valuable information is stored in the networked computer or transmitted on the network. System and network security is more and more important than before. Intrusion detection system (IDS) is developed to monitor network and/or system activities for malicious or unwanted behavior. Intrusion Prevention System offer stronger protection. When an attack is detected, IPS can drop the offending packets while still allowing all other traffic to pass. Recently, the speed of backbone network has already reached Gbit-scale, the intrusion detection or prevention is more difficult than before. The price of the related products in the market is above two million new Taiwan dollars. In this paper, we design and implement an inkernel Intrusion Prevention System in Gigabit network using commodity hardware and Linux operating systems. Preliminary experiment results show that, our system outperforms traditional intrusion prevention system (snort inline) substantially. Besides, our system can reach the wire speed under a typical set of detection rules.",
keywords = "Gigabit Network, Intrusion Detection System, Intrusion Prevention System, Linux Kernel",
author = "Feng, \{Li Chi\} and Huang, \{Chao Wei\} and Wang, \{Jian Kai\}",
year = "2013",
doi = "10.1007/978-3-642-35473-1\_11",
language = "英语",
isbn = "9783642354724",
series = "Smart Innovation, Systems and Technologies",
pages = "101--109",
editor = "Chang Ruay-Shiung and Peng Sheng-Lung and Lin Chia-Chen",
booktitle = "Advances in Intelligent Systems and Applications - Volume 2",
}