Intrusion Detection Systems (IDS) were developed to identify and report attacks in the late 1990s, as hacker attacks and network worms began to affect the internet. Traditional IDS technologies detect hostile traffic and send alerts but do nothing to stop the attacks. Network Intrusion Prevention Systems (NIPS) are deployed in-line with the network segment being protected. As the traffic passes through the NIPS, it is inspected for the presence of an attack. Like viruses, most intruder activities have some sort of signature. Therefore, a pattern-matching algorithm resides at the heart of the NIPS. When an attack is identified, the NIPS blocks the offending data. There is an alleged trade-off between the accuracy of detection and algorithmic efficiency. Both are paramount in ensuring that legitimate traffic is not delayed or disrupted as it flows through the device. For this reason, the pattern-matching algorithm must be able to operate at wire speed, while simultaneously detecting the main bulk of intrusions. With networking speeds doubling every year, it is becoming increasingly difficult for software-based solutions to keep up with the line rates. This paper presents a novel pattern-matching algorithm. The algorithm uses a Ternary Content Addressable Memory (TCAM) and is capable of matching multiple patterns in a single operation. The algorithm achieves line-rate speeds several orders of magnitude faster than current work, while attaining similar accuracy of detection. Furthermore, our system is fully compatible with Snort's rules syntax, which is the de facto standard for intrusion prevention systems.
Garbage collectors automatically free memory previously allocated by applications. Generally, they discard unreachable objects from memory, leaving reachable objects intact. However, object reachability does not necessarily imply usability, as an object may be obsolete and still reachable. Such objects are usually referred to as loitering objects. Loitering objects introduce a form of memory leak in a Java application. Predicting, tracing and eliminating loitering objects is a difficult problem. In this paper we address this problem. We present a self-healing approach for dealing with loitering objects. Specifically, the paper proposes an algorithm that can be integrated within the Java garbage collector. The algorithm prevents memory leaks resulting from loitering objects by "paging" suspected live objects to disk and reloading them if they are required. As a proof-of-concept, we have implemented and validated the algorithm for the Java Virtual Machine. This could be a first step towards genuine self-healing of memory management problems.
The emergence of networked lightweight portable computing devices can potentially enable accessibility to a vast array of remote applications and data. In order to cope with the shortage of local resources such as memory, CPU and bandwidth, such applications are typically designed as thin-client thick-server applications. However, another highly desirable yet conflicting requirement is to support disconnected operation, due to the low quality and high cost of on-line connectivity. We present a novel programming model and a runtime infrastructure that address these requirements by automatically reconfiguring the application to operate in disconnected mode when voluntary disconnection is requested, and automatically resorting to normal distributed operation upon reconnection. The programming model enables developers to design disconnection-aware applications by providing a set of component reference annotations with special disconnection and reconnection semantics. Using these annotations, designers can identify critical components, priorities, dependencies, local component alternatives with reduced functionality, and state merging policies. The runtime infrastructure carries out dis- and re-connection semantics using component mobility and dynamic application layout. The disconnected operation framework, FarGo-DA, is an extension of FarGo, a mobile component framework for distributed applications.