| With the increasing number of security threads for computer control sys-tems, protecting the security of high-speed and multifunctional computer con-trol networks is a severe challenge. However, the traditional hardware imple-ment of security systems like ASIC and FPGA cannot handle the new types of attacks, and the capacity of the normal multicore processors is not suit for mas-sive network traffic. The many-core processors hardware is the possible solu-tion for handing this problem. This thesis is proposed to design and implement the architecture of effective network traffic analyzing for high-speed network using many-core processors.Firstly, we introduce the existing parallel architectures:RTC(Run-to-com-pletion) model and SPL (Software Pipeline) model and evaluate their perfor-mance with online network traffic to find the suitable model for many-core pro-cessors. The experiments show that the throughput of SPL model is increasing by 55.9% with RTC model with online network traffic.Secondly, we migrate and optimize the NIDS on many-core processors. According to the structure of many-core processors, we design some method to improve the performance of NIDS, such as the new memory management method. We evaluated its performance with real packet traces. It shows that our system archives up to 18Gbps with 4 TILEGX-36 CPUs in a 1U server.Finally, we propose a new method to adjust the frequency of the main pro-cessors in IDS devices to reduce energy consumption, which is based on the current traffic flow conditions to predict the future. It calculates optimal fre-quency scaling operation sequence via an internal sandbox model, so as to achieve energy saving purposes. We use computer simulation to validate this method. Experiments show that this method has better efficiency. |
PDF Full Text Request