Intrusion detection systems are like invisible intelligence agencies within computer networks that scan every packet of data flowing through the network to spot signs of cyberattacks.
(Subscribe to our Today’s Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)
A team of researchers at Carnegie Mellon University in Pennsylvania have developed the world’s fastest open-source intrusion detection system.
The system is said to achieve a speed of 100 gigabits per second using a single server, the team said in a study titled ‘Achieving 100Gbps Intrusion Prevention on a Single Server’.
Intrusion detection systems are like invisible intelligence agencies within computer networks that scan every packet of data flowing through the network to spot signs of cyberattacks. These systems rely on servers to scan data. Firewalls act as the network’s first line of defence, while intrusion detection systems are place after firewalls.
As Internet speeds continue to increase, the amount of data passing through the computer networks increases as well. To keep up, the detection systems have grown into giant stacks of servers, driving up energy costs incurred by organisations.
The team’s intrusion detection system can scan data with five processor cores in a single server. Previously, the same amount of data could be scanned with 100 to 700 processor cores and multiple machines, the team said.
The team built the system using an integrated circuit called the ‘field-programmable gate array (FPGA)’, for which users can write code and customise. When placed in a network, there circuit performs 95% of the processing, and the rest is done by the processor cores.
This will help reduce energy costs significantly as the system uses 38 times less power using an FPGA than hundreds of processing cores would in performing the same work.