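% Master's thesis record exported from the PUCRS TEDE repository (see url).
% The export carries no author field, which the mastersthesis type requires;
% take it from the repository record before citing this entry.
% Accented characters that arrived as "?" are restored as LaTeX escapes, and
% the misspelled "scholl" field is renamed to "school" so that styles read it.
% The abstract is reproduced verbatim from the export.
@mastersthesis{2024:1338184586,
  title     = {Leveraging network-wide orchestration in programmable networks for enhanced {NIDS} performance},
  school    = {Programa de P{\'o}s-Gradua{\c{c}}{\~a}o em Ci{\^e}ncia da Computa{\c{c}}{\~a}o},
  year      = {2024},
  publisher = {Pontif{\'\i}cia Universidade Cat{\'o}lica do Rio Grande do Sul},
  note      = {Escola Polit{\'e}cnica},
  url       = {https://tede2.pucrs.br/tede2/handle/tede/11656},
  abstract  = {Network Intrusion Detection Systems (NIDSs) play a crucial role in safeguarding networks against cyber threats by detecting malicious activity and alerting network operators. Due to the escalating volume of network traffic, NIDSs are prone to saturation issues, particularly in the pattern matching stage of signature-based NIDSs. To overcome this, several studies have explored offloading NIDS signature rules to Programmable Data Plane (PDP) devices, leveraging their high packet-processing capacity to pre-filter network traffic for the NIDS. However, these works present two important limitations. First, most of them overlook the memory constraints of programmable devices. Second, and more importantly, the vast majority of them delegates all pre-filtering capabilities to a single device. Neglecting these aspects may prevent the offloading of all required signature rules compromising the effectiveness of the proposed pre-filtering approach. To address these constraints, this work leverages the network-wide orchestration in programmable networks to pre-filter traffic for the NIDS and enhance its performance. Our objective is to alleviate the burden on the NIDS engine and improve its efficiency by offloading NIDS signature rules to the PDP, redirecting only suspicious packets to the NIDS. Furthermore, we address the limitations of state-of-the-art work by employing two novel memory- and topology-aware orchestration algorithms to strategically offload the rules to multiple devices.
    The evaluation demonstrated the efficacy of the proposed algorithms, as they outperform the traditional single-device model, ensuring the stable and consistent forwarding of suspicious traffic to the NIDS host, even in scenarios with limited memory availability.},
}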