Traditional software network interfaces in Linux do not deliver satisfactory
real-time performance. Hence alternative efficient real-time interfaces are
required in network monitoring, distributed systems, real-time networking
and remote data acquisition applications. Designing such a software network
interface is not trivial.
A PC based software network intrusion detection
application is studied as an example. Poor throughput and real-time
performance of traditional interfaces or their enhanced versions can cause
packet skipping and other non-obvious synchronization related failures,
which may make the detector ineffective. The effectiveness of the detector
can be enhanced by improving its packet capturing and dispatching interface.
We achieve this by using an efficient real-time software interface for a PCI
Ethernet card.
This paper describes the design and implementation details of
this interface and its deployment for Linux based network intrusion
detection sensors. The nuances of the system design for high speed packet
capturing are discussed and the advantages of the proposed design are
demonstrated. This mechanism outperforms existing packet capturing
solutions - NAPI, PFRING and Linux kernel under heavy network load in terms
of higher load bearing capacity, packet capturing capacity and superior
real-time behavior.
|
Philips Research
Purnendu Sinha is currently with Philips Research India, Bangalore. Until
recently he was teaching at Electrical and Computer Engineering Department at
Concordia University, Montreal. He obtained his Ph.D. in Computer Engineering
from Boston University, Boston, MA. He received his M.S. degree in Computer
Science from the New Jersey Institute of Technology, Newark, NJ. He also
received the M.E. degree in Electrical Engineering from the Stevens Institute
of Technology, Hoboken, NJ, and the B.E. degree (with Distinction) in
Electrical Engineering from University of Mangalore, India.
He holds a professional engineering license in the state of Ontario, Canada.
Dr. Sinha previously worked as a research assistant at Boston University and at the New
Jersey Institute of Technology on various projects sponsored by DARPA, NSF and
ONR. He also worked as a Consultant on a project sponsored by Canon, USA on
morphological image processing. Dr. Sinha is a member of IEEE Computer
Society, IASTED, and Alpha Epsilon Lambda Honor Society. He is an associate
member of Regroupment Strategique en Microelectronique du Quebec. He has
served as a Managing Editor of Journal of Real-Time Imaging, Academic Press,
UK. His research interests include design and analysis of distributed
dependable and real-time algorithms, embedded systems, formal methods based
verification and validation (V&V) of fault-tolerant and real-time protocols,
fault-injection based validation, and real-time imaging. His research
activities were supported by research funds from NSERC, FCAR, and
FRDP-Concordia University.
|
Concordia University
Amitava Biswas, has completed MASc in computer engineering from Concordia
University. He received his MBA from Indian Institute of Management, Ahmedabad
and Bachelors in Electronics and Electrical Engineering from Indian Institute
of Technology, Kharagpur. He is a certified Information System Professional in
Canada. He had been working in industrial automation, information systems and
telecom software development domain for last 8 years as an engineer and
project manager.
At present he is associated with Hexagram, a
multi-disciplinary (art and technology) research organization in Montreal. He
is a member of IEEE, Canadian Information Processing Society and Society for
Research Administrators. His interest lies in networking, performance
engineering, real-time applications, distributed systems, system software,
embedded systems, sensors, research and engineering management.
|
|
