Parallel network intrusion detection on reconfigurable platforms

Authors:
Chun Jason Xue;Zili Shao;MeiLin Liu;QingFeng Zhuge;Edwin H.-M. Sha
Affiliations:
City University of Hong Kong, Kowloon, Hong Kong;Hong Kong Polytechnic University, Hong Kong;Wright State University, Dayton, Ohio;University of Texas at Dallas, Richardson, Texas;University of Texas at Dallas, Richardson, Texas
Venue:
EUC'07 Proceedings of the 2007 international conference on Embedded and ubiquitous computing
Year:
2007

Citing 4
Cited 0

A fast string searching algorithm

Communications of the ACM
Efficient string matching: an aid to bibliographic search

Communications of the ACM
Space/time trade-offs in hash coding with allowable errors

Communications of the ACM
A fast string-matching algorithm for network processor-based intrusion detection system

ACM Transactions on Embedded Computing Systems (TECS)

Quantified Score

Hi-index	0.00

Visualization

Abstract

With the wide adoption of internet into our everyday lives, internet security becomes an important issue. Intrusion detection at the network level is an effective way of stopping malicious attacks at the source and preventing viruses and worms from wide spreading. The key component in a successful network intrusion detection system is a high performance pattern matching engine that can uncover the malicious activities in real time. In this paper, we propose a highly parallel, scalable hardware based network intrusion detection system, that can handle variable pattern length efficiently and effectively. Pattern matchings are completed in O(log M) time where M is the longest pattern length. Implementation is done on a standard off-the-shelf FPGA. Comparison with the other techniques shows promising results.