<efrbr:recordSet xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:efrbr="http://vfrbr.info/efrbr/1.1" xmlns:efrbr-work="http://vfrbr.info/efrbr/1.1/work" xmlns:efrbr-expression="http://vfrbr.info/efrbr/1.1/expression" xmlns:efrbr-manifestation="http://vfrbr.info/efrbr/1.1/manifestation" xmlns:efrbr-person="http://vfrbr.info/efrbr/1.1/person" xmlns:efrbr-corporateBody="http://vfrbr.info/efrbr/1.1/corporateBody" xmlns:efrbr-concept="http://vfrbr.info/efrbr/1.1/concept" xmlns:efrbr-structure="http://vfrbr.info/efrbr/1.1/structure" xmlns:efrbr-responsible="http://vfrbr.info/efrbr/1.1/responsible" xmlns:efrbr-subject="http://vfrbr.info/efrbr/1.1/subject" xmlns:efrbr-other="http://vfrbr.info/efrbr/1.1/other" xsi:schemaLocation="http://vfrbr.info/efrbr/1.1 http://vfrbr.info/schemas/1.1/efrbr.xsd"><efrbr:entities><efrbr-work:work identifier="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE"><efrbr-work:titleOfTheWork>Head(er)Hunter: fast intrusion detection using packet metadata signatures</efrbr-work:titleOfTheWork></efrbr-work:work><efrbr-expression:expression identifier="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE"><efrbr-expression:titleOfTheExpression>Head(er)Hunter: fast intrusion detection using packet metadata signatures</efrbr-expression:titleOfTheExpression><efrbr-expression:formOfExpression vocabulary="DIAS:TYPES">
            Δημοσίευση σε Συνέδριο
            Conference Publication
         </efrbr-expression:formOfExpression><efrbr-expression:dateOfExpression type="issued">2022-05-03</efrbr-expression:dateOfExpression><efrbr-expression:dateOfExpression type="published">2020</efrbr-expression:dateOfExpression><efrbr-expression:languageOfExpression vocabulary="iso639-1">en</efrbr-expression:languageOfExpression><efrbr-expression:otherDistinguishingCharacteristic>This work was supported by the projects CONCORDIA, CyberSANE, I-BIDAAS and SPIDER, funded by the European Commission under Grant Agreements No. 830927, No. 833683, No. 780787 and No. 833685. This research work was also supported by the Hellenic Foundation for Research and Innovation (HFRI) and the General Secretariat for Research and Technology (GSRT), under the HFRI PhD Fellowship grant (GA. No. 2767).</efrbr-expression:otherDistinguishingCharacteristic><efrbr-expression:summarizationOfContent>More than 75% of the Internet traffic is now encrypted, while this percentage is constantly increasing. The majority of communications are secured using common encryption protocols such as SSL/TLS and IPsec to ensure security and protect the privacy of Internet users. Yet, encryption can be exploited to hide malicious activities. Traditionally, network traffic inspection is based on techniques like deep packet inspection (DPI). Common applications for DPI include but are not limited to firewalls, intrusion detection and prevention systems, L7 filtering and packet forwarding. The core functionality of such DPI implementations is based on pattern matching that enables searching for specific strings or regular expressions inside the packet contents. With the widespread adoption of network encryption though, DPI tools that rely on packet payload content are becoming less effective, demanding the development of more sophisticated techniques in order to adapt to current network encryption trends. In this work, we present HeaderHunter, a fast signature-based intrusion detection system even in encrypted network traffic. We generate signatures using only network packet metadata extracted from packet headers. Also, to cope with the ever increasing network speeds, we accelerate the inner computations of our proposed system using off-the-shelf GPUs.</efrbr-expression:summarizationOfContent><efrbr-expression:useRestrictionsOnTheExpression type="creative-commons">http://creativecommons.org/licenses/by/4.0/</efrbr-expression:useRestrictionsOnTheExpression><efrbr-expression:note type="page range">1-6</efrbr-expression:note><efrbr-expression:note type="conference name">2020 IEEE 25th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks</efrbr-expression:note></efrbr-expression:expression><efrbr-person:person identifier="1B3466D8-B142-4394-8DCC-E4C210F5F94E"><efrbr-person:nameOfPerson vocabulary="">
            Papadogiannaki Eva
         </efrbr-person:nameOfPerson></efrbr-person:person><efrbr-person:person identifier="525D68B7-3B17-4DD7-8A74-B78975D98470"><efrbr-person:nameOfPerson vocabulary="">
            Deyannis Dimitris
         </efrbr-person:nameOfPerson></efrbr-person:person><efrbr-person:person identifier="http://users.isc.tuc.gr/~sioannidis"><efrbr-person:nameOfPerson vocabulary="TUC:LDAP">
            Ioannidis Sotirios
            Ιωαννιδης Σωτηριος
         </efrbr-person:nameOfPerson></efrbr-person:person><efrbr-corporateBody:corporateBody identifier="https://v2.sherpa.ac.uk/id/publisher/38"><efrbr-corporateBody:nameOfTheCorporateBody vocabulary="S/R:PUBLISHERS">
            Institute of Electrical and Electronics Engineers
         </efrbr-corporateBody:nameOfTheCorporateBody></efrbr-corporateBody:corporateBody><efrbr-concept:concept identifier="EF95647A-B5B7-4A06-98FD-F5E061008132"><efrbr-concept:termForTheConcept>
            Payloads
         </efrbr-concept:termForTheConcept></efrbr-concept:concept><efrbr-concept:concept identifier="3920A99D-B46D-4FB5-BEA9-8E677A6B9704"><efrbr-concept:termForTheConcept>
            Cryptography
         </efrbr-concept:termForTheConcept></efrbr-concept:concept><efrbr-concept:concept identifier="7B9FCDC9-2F41-4B18-BC08-14BDA7DB85B3"><efrbr-concept:termForTheConcept>
            Pattern matching
         </efrbr-concept:termForTheConcept></efrbr-concept:concept><efrbr-concept:concept identifier="14A59569-8089-49BD-816C-06524CBD2D32"><efrbr-concept:termForTheConcept>
            Intrusion detection
         </efrbr-concept:termForTheConcept></efrbr-concept:concept><efrbr-concept:concept identifier="08430CF0-E1B1-48B2-89DB-DE5491C15E80"><efrbr-concept:termForTheConcept>
            Metadata
         </efrbr-concept:termForTheConcept></efrbr-concept:concept><efrbr-concept:concept identifier="E229255B-45E8-4728-B920-CEBA328B66DC"><efrbr-concept:termForTheConcept>
            Engines
         </efrbr-concept:termForTheConcept></efrbr-concept:concept><efrbr-concept:concept identifier="6EA0138F-341A-419E-A07F-78E3D717D94D"><efrbr-concept:termForTheConcept>
            Protocols
         </efrbr-concept:termForTheConcept></efrbr-concept:concept></efrbr:entities><efrbr:relationships><efrbr-structure:structureRelations><efrbr-structure:realizedThrough sourceEntity="work" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="expression" targetURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE"/></efrbr-structure:structureRelations><efrbr-responsible:responsibleRelations><efrbr-responsible:createdBy sourceEntity="work" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="person" targetURI="1B3466D8-B142-4394-8DCC-E4C210F5F94E"/><efrbr-responsible:realizedBy sourceEntity="expression" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="person" targetURI="1B3466D8-B142-4394-8DCC-E4C210F5F94E" role="author"/><efrbr-responsible:realizedBy sourceEntity="expression" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="person" targetURI="525D68B7-3B17-4DD7-8A74-B78975D98470" role="author"/><efrbr-responsible:realizedBy sourceEntity="expression" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="person" targetURI="http://users.isc.tuc.gr/~sioannidis" role="author"/><efrbr-responsible:realizedBy sourceEntity="expression" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="person" targetURI="https://v2.sherpa.ac.uk/id/publisher/38" role="publisher"/></efrbr-responsible:responsibleRelations><efrbr-subject:subjectRelations><efrbr-subject:hasSubject sourceEntity="work" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="concept" targetURI="EF95647A-B5B7-4A06-98FD-F5E061008132"/><efrbr-subject:hasSubject sourceEntity="work" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="concept" targetURI="3920A99D-B46D-4FB5-BEA9-8E677A6B9704"/><efrbr-subject:hasSubject sourceEntity="work" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="concept" targetURI="7B9FCDC9-2F41-4B18-BC08-14BDA7DB85B3"/><efrbr-subject:hasSubject sourceEntity="work" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="concept" targetURI="14A59569-8089-49BD-816C-06524CBD2D32"/><efrbr-subject:hasSubject sourceEntity="work" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="concept" targetURI="08430CF0-E1B1-48B2-89DB-DE5491C15E80"/><efrbr-subject:hasSubject sourceEntity="work" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="concept" targetURI="E229255B-45E8-4728-B920-CEBA328B66DC"/><efrbr-subject:hasSubject sourceEntity="work" sourceURI="http://purl.tuc.gr/dl/dias/D19DF4C8-8581-4602-ABDE-C945B05E79BE" targetEntity="concept" targetURI="6EA0138F-341A-419E-A07F-78E3D717D94D"/></efrbr-subject:subjectRelations><efrbr-other:otherRelations/></efrbr:relationships></efrbr:recordSet>