An Intrusion Detection Sensor for the NetVM Virtual Processor
Source: Polytechnic of Turin
In the wide scenario of packet processing architectures, the development of ever sophisticated applications faces the challenge of finding a balance between different requirements: ever increasing performance, flexibility, and portability of the software across different platforms and hardware architectures. The Network Virtual Machine (NetVM) aims at responding to such defy by taking into account all these elements and by providing an abstract architecture for developing today's packet processing applications. In order to demonstrate that the NetVM platform can be profitably employed for the development of complex applications, the author developed a Snort-like network intrusion detection sensor. This paper presents its architecture and show that NetVM represents an excellent target for the dynamic generation of packet processing programs.