research-article

WISDOM: security-aware fibres

Authors:

Elias Athanasopoulos,

Antonis Krithinakis,

Georgios Kopidakis,

Graeme Maxwell,

Alistair Poustie,

Carla Di Cairano-GilfedderAuthors Info & Claims

EUROSEC '09: Proceedings of the Second European Workshop on System Security

Pages 22 - 27

https://doi.org/10.1145/1519144.1519148

Published: 31 March 2009 Publication History

Abstract

The network is becoming faster day by day. High-speed links, of many Gbps, are considered as commodity technology empowering the Internet. On the other hand, Moore's law still applies to current processing power. It needs about 18 months for CPUs to double the number of their transistors. A very fast network composed by not as fast processors is unable to perform basic operations needed in the security field, like firewalling and intrusion detection. In this paper, we propose a novel system, which promotes security operations in the optical domain. We describe all hardware components - optical and digital - and the software, which renders the system functional. We outline application scenarios in which a hybrid architecture of optical and digital parts, like the one we propose in this paper, can offer significant benefit to the network from a security perspective.

References

[1]

Asis. http://www.asis-pro.com/Default.asp.

[2]

CheckPoint. http://www.checkpoint.com/.

[3]

Cisco, Netflow. http://www.cisco.com/.

[4]

endace - NinjaBox-Z Series. http://www.endace.com/our-products/ninja-platforms/ninjabox-z-series.

[5]

McAfee, HIPS. http://www.mcafee.com/.

[6]

Moore's Law. http://www.intel.com/technology/mooreslaw/.

[7]

NI - LabView. http://www.ni.com/labview/.

[8]

Optical hardware market holds steady at $2.7 billion in 3Q05. http://findarticles.com/p/articles/mi_hb4766/is_200601/ai_n17355712.

[9]

RFC792 - Internet Control Message Protocol. http://www.faqs.org/rfcs/rfc792.html.

[10]

Sourcefire. http://www.sourcefire.com/.

[11]

The WISDOM Project. http://www.ict-wisdom.org.

[12]

VPIphotonics. http://www.vpiphotonics.com/.

[13]

A. V. Aho and M. J. Corasick. Efficient string matching: an aid to bibliographic search. Commun. ACM, 18(6):333--340, 1975.

Digital Library

[14]

A. J. Poustie et al. All-optical parity checker. In Optics Communications, 162, 37, 1999.

[15]

K. Anagnostakis, S. Antonatos, M. Polychronakis, and E. Markatos. A domain-specific string matching algorithm for intrusion detection, 2003.

[16]

S. Antonatos, M. Polychronakis, P. Akritidis, K. G. Anagnostakis, and E. P. Markatos. Piranha: Fast and memory-efficient pattern matching for intrusion detection. In R. Sasaki, S. Qing, E. Okamoto, and H. Yoshiura, editors, SEC, pages 393--408. Springer, 2005.

[17]

R. S. Boyer and J. S. Moore. A fast string searching algorithm. Commun. ACM, 20(10):762--772, 1977.

Digital Library

[18]

C. C. Carroll. R68-40 sequential machines and automata theory. IEEE Trans. Comput., 17(9):922--923, 1968.

Digital Library

[19]

L. F. Cranor and B. A. LaMacchia. Spam! Commun. ACM, 41(8):74--83, 1998.

Digital Library

[20]

D. Cotter et al. Non-linear optics for high-speed digital information processing. In Science 286, pages 1433--1636), 1999.

[21]

A. Krithinakis, L. Stroetmann, E. Athanasopoulos, G. Kopidakis, and E. P. Markatos. WSIM: A Software Platform to Simulate All-Optical Security Operations. European Conference on Computer Network Defense, 0:41--47, 2008.

Digital Library

[22]

R. A. Lauder and R. A. Halgren. Optical firewall. Technical Report EP1263154, December 2002.

[23]

P. Newman, G. Minshall, and T. L. Lyon. IP switching --- ATM under IP. IEEE/ACM Transactions on Networking, 6(2):117--129, 1998.

Digital Library

[24]

M. Polychronakis, P. Mavrommatis, and N. Provos. Ghost turns zombie: Exploring the life-cycle of web-based malware. In Proceedings of the 1st USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET), April 2008.

Digital Library

[25]

A. Poustie. Semiconductor devices for all-optical signal processing. In Proceedings of European Conference on Optical Communication, volume 3, pages 475--8, 2005.

[26]

R. P. Webb et al. 42gbit/s all-optical pattern recognition system. In Proceedings of Optical Fibre Communications (OFC), 2008.

[27]

M. Roesch. Snort: Lightweight intrusion detection for networks. In LISA, pages 229--238. USENIX, 1999.

Digital Library

[28]

J. H. Saltzer, D. P. Reed, and D. D. Clark. End-to-end arguments in system design. ACM Trans. Comput. Syst., 2(4):277--288, 1984.

Digital Library

[29]

S. Suri and G. Varghese. Packet filtering in high speed networks. In SODA '99: Proceedings of the tenth annual ACM-SIAM symposium on Discrete algorithms, pages 969--970, Philadelphia, PA, USA, 1999. Society for Industrial and Applied Mathematics.

Digital Library

[30]

S. Wu and U. Manber. A fast algorithm for multi-pattern searching. Technical Report TR-94-17, 1994.

Cited By

Sun MLi XZhai WHou HRuan FHuang S(2024)Synchronization-Enhanced All-Optical Pattern Matching System Based on Semiconductor Optical Amplifier2024 Asia Communications and Photonics Conference (ACP) and International Conference on Information Photonics and Optical Communications (IPOC)10.1109/ACP/IPOC63121.2024.10809710(1-5)Online publication date: 2-Nov-2024
https://doi.org/10.1109/ACP/IPOC63121.2024.10809710
Li XShi HGuo KHuang S(2024)All-optical matching systems based on the squarer for QPSK and 8PSK optical signalsOptical Fiber Technology10.1016/j.yofte.2024.10386087(103860)Online publication date: Oct-2024
https://doi.org/10.1016/j.yofte.2024.103860
Tang YLi XShi HChang JTian YHuang S(2023)Reconfigurable all-optical pattern-matching system for phase modulation formats based on phase-sensitive amplification in highly nonlinear fiberOptical Fiber Technology10.1016/j.yofte.2023.10354881(103548)Online publication date: Dec-2023
https://doi.org/10.1016/j.yofte.2023.103548
Show More Cited By

Recommendations

A Shannon's Theory of Wisdom Internet
MINES '12: Proceedings of the 2012 Fourth International Conference on Multimedia Information Networking and Security

Internet is so popular that nearly everybody using it every day. Current Internet shows some characteristics of intelligent. For example, it can help people find the proper resources using semantic search. So this paper focuses on the wisdom of ...
On the dualization of hypergraphs with bounded edge-intersections and other related classes of hypergraphs

Given a finite set V , and integers k ý1 and r ý0, let us denote by the class of hypergraphs with ( k,r )-bounded intersections, i.e. in which the intersection of any k distinct hyperedges has size at most r . We consider the problem : given a ...
Return-to-zero transmitter for WDM-PONs using incoherent-light-injected Fabry-Perot laser diodes
Special issue on next-generation broadband optical access network technologies

Thanks to colorless operation and cost-effectiveness, an incoherent-light-injected Fabry-Perot laser diode (FP-LD) is considered as a promising optical transmitter for wavelength-division-multiplexed (WDM) passive optical networks (PONs). However, the ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

EUROSEC '09: Proceedings of the Second European Workshop on System Security

March 2009

57 pages

ISBN:9781605584720

DOI:10.1145/1519144

Program Chairs:
Evangelos Markatos
FORTH-ICS, GR
,
Manuel Costa
Microsoft Research, UK

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 31 March 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Conference

EuroSys '09

Sponsor:

SIGOPS

EuroSys '09: Fourth EuroSys Conference 2009

March 31, 2009

Nuremburg, Germany

Acceptance Rates

Overall Acceptance Rate 47 of 113 submissions, 42%

Upcoming Conference

EuroSys '25

Sponsor:
sigops

Twentieth European Conference on Computer Systems

March 30 - April 3, 2025

Rotterdam , Netherlands

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
154
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Sun MLi XZhai WHou HRuan FHuang S(2024)Synchronization-Enhanced All-Optical Pattern Matching System Based on Semiconductor Optical Amplifier2024 Asia Communications and Photonics Conference (ACP) and International Conference on Information Photonics and Optical Communications (IPOC)10.1109/ACP/IPOC63121.2024.10809710(1-5)Online publication date: 2-Nov-2024
https://doi.org/10.1109/ACP/IPOC63121.2024.10809710
Li XShi HGuo KHuang S(2024)All-optical matching systems based on the squarer for QPSK and 8PSK optical signalsOptical Fiber Technology10.1016/j.yofte.2024.10386087(103860)Online publication date: Oct-2024
https://doi.org/10.1016/j.yofte.2024.103860
Tang YLi XShi HChang JTian YHuang S(2023)Reconfigurable all-optical pattern-matching system for phase modulation formats based on phase-sensitive amplification in highly nonlinear fiberOptical Fiber Technology10.1016/j.yofte.2023.10354881(103548)Online publication date: Dec-2023
https://doi.org/10.1016/j.yofte.2023.103548
Dutertre JMirbaha ANaccache DTria A(2022)Photonic power firewallsJournal of Cryptographic Engineering10.1007/s13389-022-00291-012:3(245-254)Online publication date: 2-Sep-2022
https://doi.org/10.1007/s13389-022-00291-0
Webb RDailey JManning RMaxwell GPoustie ALardenois SHarmon RHarrison JKopidakis GAthanasopoulos EKrithinakis ADoukhan FOmar MVaillant DDi Nallo FKoyabe MDi Cairano-Gilfedder C(2012)All-Optical Header Processing in a 42.6 Gb/s Optoelectronic FirewallIEEE Journal of Selected Topics in Quantum Electronics10.1109/JSTQE.2011.213533718:2(757-764)Online publication date: Mar-2012
https://doi.org/10.1109/JSTQE.2011.2135337

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten