PS-IPS: Deploying Intrusion Prevention System with machine learning on programmable switch

Alan Y.P. Lee, Michael I.C. Wang, Chi Hsiang Hung*, Charles H.P. Wen

*此作品的通信作者

研究成果: Article同行評審

1 引文 斯高帕斯(Scopus)

摘要

Intrusion prevention is significant to avoid device damage and financial losses. Researchers have proposed various Intrusion Prevention Systems (IPS) to prevent malware, including traditional and SDN-based IPS. However, existing IPSs suffer from low throughput problems caused by detection and rule-installation delays. Here, we propose a programmable switch-base IPS (named PS-IPS), which utilizes the switch CPU and pipeline to detect malware. PS-IPS consists of four main components: (1) parser, (2) flow filter, (3) recirculation director, and (4) malware detector. According to the experiment, PS-IPS achieves a 183X throughput than the SDN-based IPS. The response time of PS-IPS is also reduced by 99.99%, showing that PS-IPS effectively prevents malware with a single programmable switch.

原文English
頁(從 - 到)333-342
頁數10
期刊Future Generation Computer Systems
152
DOIs
出版狀態Published - 3月 2024

指紋

深入研究「PS-IPS: Deploying Intrusion Prevention System with machine learning on programmable switch」主題。共同形成了獨特的指紋。

引用此