Graphics processing unit based next generation DDoS prevention system

2016-04-27
Keskin, Selcuk
Erdogan, Hasan Tugrul
KOÇAK, TAŞKIN
Packet filtering is the main component of prevention systems that protect the network system of devices against attacks. The algorithm allows packets to access the network after they pass some rules. Packets, together with their decisions, are written into a connection table that consists of essential network information. In this paper, we design and implement a massively parallel computation approach on a Graphics Processing Unit (GPU) that can be used for network connection tracking. The results show that the GPU-based connection table tracking algorithms achieve a throughput of 90,000,000 packets per second (pps), which is 35 times faster than the packet filtering function defined in the Linux kernel.

Suggestions

Memory organization in pipelined hierarchical search structures for packet classification
Rumelili, Çağla Irmak; Bazlamaçcı, Cüneyt Fehmi; Erdem, Oğuzhan; Department of Electrical and Electronics Engineering (2013)
Packet classification is a main requirement in routers to manage network security and traffic. In high-speed networks, packet classification at line rates has become a major challenge. Our design mainly benefits from a parallel pipelined architecture implemented on field programmable gate arrays (FPGA) to achieve high-speed packet processing. The presented solution is based on Hierarchical Hybrid Search Structure (HHSS) [5]. Our work solves the deep pipeline problem of HHSS in a memory-efficient way. This ...
Network attack classification with few-shot learning methods
Tüzün, İsmail; Angın, Pelin; Department of Computer Engineering (2022-9-14)
As the number of devices using the Internet increases, the network attacks that these devices are exposed to also diversify. Identifying network attack types from network packets is important to prevent the damage of the attack and to minimize it in cases where it cannot be prevented. Classical machine learning methods and deep learning methods need a lot of data to get successful results. Unfortunately, preparing and labeling large amounts of data is costly in current conditions. This cost is mostly due to...
Secure communication channel mechanisms for isolated networks
Karadağ, Gökdeniz; Özgit, Attila; Department of Computer Engineering (2009)
Current network security solutions consist of a single host, with network interfaces of the host connected to protected and external networks at the same time. This design ensures security by restricting traffic flow to a single point, where it can be examined and acted on by a set of rules. However, this design also has a flaw and a single point of failure, that being the vulnerabilities in the security device itself. An adversary would have unhindered access to protected networks if a vulnerability ...
A simple and effective mechanism for stored video streaming with TCP transport and server-side adaptive frame discard
Gurses, E; Akar, Gözde; Akar, N (Elsevier BV, 2005-07-15)
Transmission control protocol (TCP) with its well-established congestion control mechanism is the prevailing transport layer protocol for non-real time data in current Internet Protocol (IP) networks. It would be desirable to transmit any type of multimedia data using TCP in order to take advantage of the extensive operational experience behind TCP in the Internet. However, some features of TCP including retransmissions and variations in throughput and delay, although not catastrophic for non-real time data...
Throughput analysis of UDP and VPN traffic in 802.11g networks
Ikiz, Suheyla; Erten, Y. M. (2006-11-03)
In this study the effects of using VPNs on the throughput of wireless LANs are investigated. To this end we have set up a test bed and based our observations on the actual measurements obtained from the experiments performed using this test bed. The wireless LAN we have used is an IEEE 802.11g network and we compared the throughput values obtained by employing IPSec in this network with the calculated ones. We performed the tests using periodically generated traffic with 1 ms and 5 ms intervals between succe...
Citation Formats
S. Keskin, H. T. Erdogan, and T. KOÇAK, “Graphics processing unit based next generation DDoS prevention system,” 2016, p. 59, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/66687.