Offloading IDS Computation to the GPU

Nigel Jacob, Carla E. Brodley
Tufts University, Computer Science Department, 161 College Ave, Medford, MA 02155
22nd Annual Computer Security Applications Conference, 2006. ACSAC ’06, p.371-380


   title={Offloading IDS Computation to the GPU},

   author={Jacob, N. and Brodley, C.},

   booktitle={Computer Security Applications Conference, 2006. ACSAC’06. 22nd Annual},







Download Download (PDF)   View View   Source Source   



Signature-matching intrusion detection systems can experience significant decreases in performance when the load on the IDS-host increases. We propose a solution that off-loads some of the computation performed by the IDS to the graphics processing unit (GPU). Modern GPUs are programmable, stream-processors capable of high-performance computing that in recent years have been used in non-graphical computing tasks. The major operation in a signature-matching IDS is matching values seen operation to known black-listed values, as such, our solution implements the string-matching on the GPU. The results show that as the CPU load on the IDS host system increases, PixelSnort’s performance is significantly more robust and is able to outperform conventional Snort by up to 40%.
No votes yet.
Please wait...

* * *

* * *

HGPU group © 2010-2021 hgpu.org

All rights belong to the respective authors

Contact us: