12 / 2017-06-21 22:09:47

Parallel Design and Performance Optimization based on OpenCL Snort

OpenCL Snort,GPU,AC algorithm,parallel programming

With the rapid increasement of the network speed and number of threats which hide in the network poses enormous challenges to network intrusion detection systems (NIDS). As the most popular NIDS, snort can run as a single threaded application. However, it may not be able to detect intrusions in real-time especially in networks with high traffic. In this paper, a parallel module OpenCL Snort (OCLSnort) is introduced: realize parallel pattern matching algorithm using GPU and innovate new architecture which is more suitable for the parallel algorithm. The result showed that OCLSnort can detect the attacks correctly and effectively, the new system not only has markedly improved on throughput, also effectively reduced the CPU utilization and memory usage.