| Summary: | 碩士 === 中原大學 === 電機工程研究所 === 107 === This dissertation evaluates the performance of an abnormal traffic detection system in a software-defined network environment. The system implementation is based on a SmartNIC and the Suricata, an open source intrusion detection system that supports multi-thread operations.If an abnormal traffic is found, an alarm is sent to notify the SDN controller to perform an action to block the source of the abnormal traffic. By offloading the detection process to the Suricata on a SmartNIC, the central processor (CPU) load of the SDN controller system operation decreases from 76.87% to 11.82%, and the packet loss rate decreases from 50% to 0.12%. In the meantime, the accuracy rate is improved from 30% to 100%. With the help of a SmartNIC, the system computing load, system stability and detection accuracy is greatly improved.
|
|---|
