LIÊN KẾT WEBSITE
A FPGA-based deep packet inspection engine for network intrusion detection system
2012 9th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology, ECTI-CON 2012 Số , năm 2012 (Tập , trang -)
DOI: 10.1109/ECTICon.2012.6254301
Tài liệu thuộc danh mục: Scopus
Conference Paper
English
Từ khóa: cuckoo hashing; DPI; Multi-pattern matching; NFA; NIDS/NIPS; Regular expressions; Computer crime; Information technology; Packet networks; Pattern matching; Websites; Field programmable gate arrays (FPGA)
Tóm tắt tiếng anh
Pattern matching has became a bottleneck of software based Network Intrusion Detection System (NIDS) as the number of signature have recently increased dramatically. Many FPGA-based architectures for detecting malicious patterns have been proposed recently. However, these approaches have just considered matching pattern separately while more and more complex combination of several patterns are utilized to describe intrusion activities. In this paper we present our work which concentrates on multi-pattern signature and propose a FPGA-based deep packet inspection engine for NIDS. The system can support both static and dynamic patterns. We employ Snort signature set and realize our system on NetFPGA platform. The evaluation on real network environment shows that our system can maintain gigabit line rate throughput without dropping packets. 2012 IEEE.