The Experts below are selected from a list of 138 Experts worldwide ranked by ideXlab platform
Y. Kawamura - One of the best experts on this subject based on the ideXlab platform.
-
FPL - A virus scanning engine using a parallel finite-input memory machine and MPUs
2009 International Conference on Field Programmable Logic and Applications, 2009Co-Authors: Hiroki Nakahara, Tsutomu Sasao, M. Matsuura, Y. KawamuraAbstract:This paper presents a virus scanning engine. After showing the difference between ClamAV (an anti-virus software) and SNORT (an intrusion detection software), we show a new architecture for the virus scanning engine, which is different from that of the intrusion detection engine. The new architecture consists of a parallel finite-input memory machine (PFIMM) and general purposeMPUs. It uses twostage matching. That is, in the first stage, the parallel hardware filter quickly scans the text to find partial matches, and in the second stage, the MPU scan the text to find the total match. To reduce the memory size, compressed match vectors are used. The system is implemented on the Stratix III FPGA, where 65,536 ClamAV virus patterns are stored. As for the area-performance ratio, our system is 1.2–26.3 times more efficient than existing ones.
-
A virus scanning engine using a parallel finite-input memory machine and MPUs
Field Programmable Logic and Applications, 2009. FPL 2009. International Conference on, 2009Co-Authors: Hiromichi Nakahara, Tsutomu Sasao, M. Matsuura, Y. KawamuraAbstract:This paper presents a virus scanning engine. After showing the difference between ClamAV (an anti-virus software) and SNORT (an intrusion detection software), we show a new architecture for the virus scanning engine, which is different from that of the intrusion detection engine. The new architecture consists of a parallel finite-input memory machine (PFIMM) and general purpose MPUs. It uses two-stage matching. That is, in the first stage, the parallel hardware filter quickly scans the text to find partial matches, and in the second stage, the MPU scan the text to find the total match. To reduce the memory size, compressed match vectors are used. The system is implemented on the Stratix III FPGA, where 65,536 ClamAV virus patterns are stored. As for the area-performance ratio, our system is 1.2-26.3 times more efficient than existing ones.
M. Matsuura - One of the best experts on this subject based on the ideXlab platform.
-
FPL - A virus scanning engine using a parallel finite-input memory machine and MPUs
2009 International Conference on Field Programmable Logic and Applications, 2009Co-Authors: Hiroki Nakahara, Tsutomu Sasao, M. Matsuura, Y. KawamuraAbstract:This paper presents a virus scanning engine. After showing the difference between ClamAV (an anti-virus software) and SNORT (an intrusion detection software), we show a new architecture for the virus scanning engine, which is different from that of the intrusion detection engine. The new architecture consists of a parallel finite-input memory machine (PFIMM) and general purposeMPUs. It uses twostage matching. That is, in the first stage, the parallel hardware filter quickly scans the text to find partial matches, and in the second stage, the MPU scan the text to find the total match. To reduce the memory size, compressed match vectors are used. The system is implemented on the Stratix III FPGA, where 65,536 ClamAV virus patterns are stored. As for the area-performance ratio, our system is 1.2–26.3 times more efficient than existing ones.
-
A virus scanning engine using a parallel finite-input memory machine and MPUs
Field Programmable Logic and Applications, 2009. FPL 2009. International Conference on, 2009Co-Authors: Hiromichi Nakahara, Tsutomu Sasao, M. Matsuura, Y. KawamuraAbstract:This paper presents a virus scanning engine. After showing the difference between ClamAV (an anti-virus software) and SNORT (an intrusion detection software), we show a new architecture for the virus scanning engine, which is different from that of the intrusion detection engine. The new architecture consists of a parallel finite-input memory machine (PFIMM) and general purpose MPUs. It uses two-stage matching. That is, in the first stage, the parallel hardware filter quickly scans the text to find partial matches, and in the second stage, the MPU scan the text to find the total match. To reduce the memory size, compressed match vectors are used. The system is implemented on the Stratix III FPGA, where 65,536 ClamAV virus patterns are stored. As for the area-performance ratio, our system is 1.2-26.3 times more efficient than existing ones.
Tsutomu Sasao - One of the best experts on this subject based on the ideXlab platform.
-
FPL - A virus scanning engine using a parallel finite-input memory machine and MPUs
2009 International Conference on Field Programmable Logic and Applications, 2009Co-Authors: Hiroki Nakahara, Tsutomu Sasao, M. Matsuura, Y. KawamuraAbstract:This paper presents a virus scanning engine. After showing the difference between ClamAV (an anti-virus software) and SNORT (an intrusion detection software), we show a new architecture for the virus scanning engine, which is different from that of the intrusion detection engine. The new architecture consists of a parallel finite-input memory machine (PFIMM) and general purposeMPUs. It uses twostage matching. That is, in the first stage, the parallel hardware filter quickly scans the text to find partial matches, and in the second stage, the MPU scan the text to find the total match. To reduce the memory size, compressed match vectors are used. The system is implemented on the Stratix III FPGA, where 65,536 ClamAV virus patterns are stored. As for the area-performance ratio, our system is 1.2–26.3 times more efficient than existing ones.
-
A virus scanning engine using a parallel finite-input memory machine and MPUs
Field Programmable Logic and Applications, 2009. FPL 2009. International Conference on, 2009Co-Authors: Hiromichi Nakahara, Tsutomu Sasao, M. Matsuura, Y. KawamuraAbstract:This paper presents a virus scanning engine. After showing the difference between ClamAV (an anti-virus software) and SNORT (an intrusion detection software), we show a new architecture for the virus scanning engine, which is different from that of the intrusion detection engine. The new architecture consists of a parallel finite-input memory machine (PFIMM) and general purpose MPUs. It uses two-stage matching. That is, in the first stage, the parallel hardware filter quickly scans the text to find partial matches, and in the second stage, the MPU scan the text to find the total match. To reduce the memory size, compressed match vectors are used. The system is implemented on the Stratix III FPGA, where 65,536 ClamAV virus patterns are stored. As for the area-performance ratio, our system is 1.2-26.3 times more efficient than existing ones.
Hiroki Nakahara - One of the best experts on this subject based on the ideXlab platform.
-
FPL - A virus scanning engine using a parallel finite-input memory machine and MPUs
2009 International Conference on Field Programmable Logic and Applications, 2009Co-Authors: Hiroki Nakahara, Tsutomu Sasao, M. Matsuura, Y. KawamuraAbstract:This paper presents a virus scanning engine. After showing the difference between ClamAV (an anti-virus software) and SNORT (an intrusion detection software), we show a new architecture for the virus scanning engine, which is different from that of the intrusion detection engine. The new architecture consists of a parallel finite-input memory machine (PFIMM) and general purposeMPUs. It uses twostage matching. That is, in the first stage, the parallel hardware filter quickly scans the text to find partial matches, and in the second stage, the MPU scan the text to find the total match. To reduce the memory size, compressed match vectors are used. The system is implemented on the Stratix III FPGA, where 65,536 ClamAV virus patterns are stored. As for the area-performance ratio, our system is 1.2–26.3 times more efficient than existing ones.
Constandinos X. Mavromoustakis - One of the best experts on this subject based on the ideXlab platform.
-
A distributed IDS architecture model for Smart Home systems
Cluster Computing, 2017Co-Authors: Mariusz Gajewski, George Mastorakis, Jordi Mongay Batalla, Constandinos X. MavromoustakisAbstract:The common use of smart devices encourages potential attackers to violate privacy. Sometimes taking control of one device allows the attacker to obtain secret data (such as password for home WiFi network) or tools to carry out DoS attack, and this, despite the limited resources of such devices. One of the solutions for gaining users’ confidence is to assign responsibility for detecting attacks to the service provider, particularly Internet Service Provider (ISP). It is possible, since ISP often provides also the Home Gateway (HG)—device that has multiple roles: residential router, entertainment center, and home’s “command and control” center which allows to manage the Smart Home entities. The ISP may extend this set of functionalities by implementing an intrusion detection software in HG provisioned to their customers. In this article we propose an intrusion detection System (IDS) distributed between devices residing at user’s and ISP’s premises. The Home Gateway IDS and the ISP’s IDS constitute together a distributed structure which allows spreading computations related to attacks against Smart Home ecosystem. On the other hand, it also leverages the operator’s knowledge of security incidents across the customer premises. This distributed structure is supported by the ISP’s expert system that helps to detect distributed attacks i.e., using botnets.
