Constraints on autonomous use of standard GPU components for asynchronous observations and intrusion detection

Mark Seeger, Harald Baier, Christoph Busch, Stephen D. Wolthusen

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The high computational power of graphics processing units (GPU) is used for several purposes nowadays. Factoring integers, computing discrete logarithms, and pattern matching in network intrusion detection systems (IDS) are popular tasks in the field of information security where GPUs are used for acceleration. GPUs are commodity components and are widely available in computer systems which would make them an ideal platform for a wide-spread IDS. We investigate the feasibility to use current GPUs for asynchronous host intrusion detection as proposed in a former work and come to the conclusion that several constraints of GPUs limit the use for concurrent and asynchronous off-CPU processing in host IDSs. GPUs have restrictions in terms of continuity, asynchronism, and unrestricted access to perform this task. We propose an observation mechanism and discuss current constraints on autonomous use of standard GPU components for intrusion detection. Finally, we come to the conclusion that several modifications to graphics cards are necessary to enable our approach.
Original languageEnglish
Title of host publicationProc. 2010 2nd International Workshop on Security and Communication Networks (IWSCN)
PublisherIEEE Computer Society Press
Number of pages8
ISBN (Print)978-1-4244-6938-3
DOIs
Publication statusPublished - 26 May 2010

Cite this