TCP-Stream Reassembly and State Tracking in Hardware

Authors:
Marc Necker;Didier Contis;David Schimmel
Affiliations:
-;-;-
Venue:
FCCM '02 Proceedings of the 10th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Year:
2002

Citing 0
Cited 4

TCP Splitter: A TCP/IP Flow Monitor in Reconfigurable Hardware

IEEE Micro
An Active Splitter Architecture for Intrusion Detection and Prevention

IEEE Transactions on Dependable and Secure Computing
Reconfigurable architecture for network flow analysis

IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Anti-evasion technique for packet based pre-filtering for network intrusion detection systems

TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we consider a new approach to network intrusion detection. Conventional network intrusion detection systems (NIDS) are software based. We propose to selectivelyimplement portions of the functionality of a state-of-the-art software NIDS in reconfigurable hardware. This increases performance even under hostile loads and will enable efficient intrusion detection in future multi-gigabit networks. Specifically , we consider the problem of TCP-stream reassembly. We present a high-performance TCP stream reassembly and state tracking module targeted for incorporation into an agile reconfigurable network interface based on Xilinx Virtex technology.