Abstract
In this paper, we propose a deep packet inspection system based on the MapReduce. The MapReduce which is a parallel distributed programming model developed by Google applies the technology of deep packet inspection. Network protocol analysis technique is invoked to realize detect, effectively reducing the packet number to be matched. Furthermore, cache technology is adopted to store attack signature from database in order to reduce the frequency of reading the rules from library file which improved the detection efficiency. Experimental results show that effectiveness of the proposed system with the high-speed network traffic.
| Original language | English |
|---|---|
| Pages (from-to) | 2587-2594 |
| Number of pages | 8 |
| Journal | Journal of Computational Information Systems |
| Volume | 9 |
| Issue number | 7 |
| Publication status | Published - 1 Apr 2013 |
| Externally published | Yes |
Keywords
- Cache technology
- Deep packet inspection
- MapReduce
- Protocol analysis
- Snort