BibTex RIS Cite

Design of 8-bit dedicated microprocessor for content matching in NIDPS

Year 2014, Volume: 3 Issue: 3, 209 - 215, 28.09.2014

Abstract

Content or string matching is the core process of deep package inspection and pattern recognition used by the Network Intrusion Detection and Prevention Systems (NIDPS). Although there are many sophisticated algorithms in software it is an exhaustive process and still beneath the requirements of the high-speed network traffic.  In this paper is presented a flexible hardware solution i.e. microprocessor able to recognize known attack patterns and its variants to overcome the software NIDPS outage caused by 1 Gbps (and beyond) throughputs. Since many modified network attacks use so called evasion techniques the presented approach is an 8-bit dedicated microprocessor for exact and approximate string matching.  To construct the design itself and to perform the simulation environment the Xilinx ISE Web Pack simulator is used.

References

  • SNORT official web site: (http://www.snort.org) Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of LISA’99: 13th Administration Washington, USA. (1999) Seattle
  • Cho, Young H., and William H. Mangione-Smith. packet "Deep reconfigurable devices." ACM Transactions on Embedded Computing Systems (TECS) 7.2 (2008): filters design for
  • Sourdis, Ioannis, and Dionisios Pnevmatikatos. "Fast, large-scale string match for a 10Gbps FPGA- based network intrusion detection system." Field Programmable Logic and Application. Springer Berlin Heidelberg, 2003. 880-889.
  • Clark, Christopher R., and David E. Schimmel. "Efficient reconfigurable logic circuits for matching complex patterns." Field Application. Springer Berlin Heidelberg, 2003. 956- intrusion detection Programmable Logic and Georgiev, Dejan, and Aristotel Tentov. "FSM
  • Circuits Design for Approximate String Matching in Hardware Based Network Intrusion Detection Systems."International Journal of Information Technology & Computer Science 6.1 (2013). Hwang, Enoch O. "Digital Logic and Microprocessor Design." La Sierra University, Riverside (2005).
  • Christopher R. Clark "Design of Efficient FPGA Circuits for Matching Complex Patterns in Network Intrusion Detection Systems", Georgia Institute of Technologies , December 2003
Year 2014, Volume: 3 Issue: 3, 209 - 215, 28.09.2014

Abstract

References

  • SNORT official web site: (http://www.snort.org) Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of LISA’99: 13th Administration Washington, USA. (1999) Seattle
  • Cho, Young H., and William H. Mangione-Smith. packet "Deep reconfigurable devices." ACM Transactions on Embedded Computing Systems (TECS) 7.2 (2008): filters design for
  • Sourdis, Ioannis, and Dionisios Pnevmatikatos. "Fast, large-scale string match for a 10Gbps FPGA- based network intrusion detection system." Field Programmable Logic and Application. Springer Berlin Heidelberg, 2003. 880-889.
  • Clark, Christopher R., and David E. Schimmel. "Efficient reconfigurable logic circuits for matching complex patterns." Field Application. Springer Berlin Heidelberg, 2003. 956- intrusion detection Programmable Logic and Georgiev, Dejan, and Aristotel Tentov. "FSM
  • Circuits Design for Approximate String Matching in Hardware Based Network Intrusion Detection Systems."International Journal of Information Technology & Computer Science 6.1 (2013). Hwang, Enoch O. "Digital Logic and Microprocessor Design." La Sierra University, Riverside (2005).
  • Christopher R. Clark "Design of Efficient FPGA Circuits for Matching Complex Patterns in Network Intrusion Detection Systems", Georgia Institute of Technologies , December 2003
There are 6 citations in total.

Details

Primary Language English
Journal Section Articles
Authors

Dejan Georgiev This is me

Publication Date September 28, 2014
Submission Date January 30, 2016
Published in Issue Year 2014 Volume: 3 Issue: 3

Cite

IEEE D. Georgiev, “Design of 8-bit dedicated microprocessor for content matching in NIDPS”, IJISS, vol. 3, no. 3, pp. 209–215, 2014.