Deep network packet filter design for reconfigurable devices
ACM Transactions on Embedded Computing Systems (TECS)
Novel FPGA-based signature match circuit for efficient network intrusion detection
ACOS'07 Proceedings of the 6th Conference on WSEAS International Conference on Applied Computer Science - Volume 6
Scalable multigigabit pattern matching for packet inspection
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
FPGA-Based Intrusion Detection System for 10 Gigabit Ethernet
IEICE - Transactions on Information and Systems
FPGA-based ROM-free network intrusion detection using shift-OR circuit
Journal of Embedded Computing - Design and Optimization for High Performance Embedded Systems
Efficient logic circuit for network intrusion detection
EUC'06 Proceedings of the 2006 international conference on Embedded and Ubiquitous Computing
Hardware-software hybrid packet processing for intrusion detection systems
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
International Journal of Mobile Network Design and Innovation
| Hi-index | 0.00 |
In this paper, we introduce a novel architecture for a hardware based network intrusion detection system (NIDS). NIDSs are becoming critical components of the network infrastructure as they serve as a key line of defense in network protection. However, current methods are much too compute intensive and can not begin to meet the bandwidth requirements of a moderate sized corporate network. Thus, hardware techniques are desired to speed up network processing. This paper introduces a FPGA based signature match processor that can serve as the core of a hardware based NIDS. The signature match processorýs key feature is a CAM-based cellular processor architecture that can match strings in an area efficient manner. Using a unique binary tree structure, we are also able to generate priority encoded addresses corresponding to multiple signature matches.