Abstract
Content or string matching is the core process of deep package inspection and pattern recognition used by the Network Intrusion Detection and Prevention Systems (NIDPS). Although there are many sophisticated algorithms in software it is an exhaustive process and still beneath the requirements of the high-speed network traffic. In this paper is presented a flexible hardware solution i.e. microprocessor able to recognize known attack patterns and its variants to overcome the software NIDPS outage caused by 1 Gbps (and beyond) throughputs. Since many modified network attacks use so called evasion techniques the presented approach is an 8-bit dedicated microprocessor for exact and approximate string matching. To construct the design itself and to perform the simulation environment the Xilinx ISE Web Pack simulator is used.
Keywords
References
- SNORT official web site: (http://www.snort.org) Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of LISA’99: 13th Administration Washington, USA. (1999) Seattle
- Cho, Young H., and William H. Mangione-Smith. packet "Deep reconfigurable devices." ACM Transactions on Embedded Computing Systems (TECS) 7.2 (2008): filters design for
- Sourdis, Ioannis, and Dionisios Pnevmatikatos. "Fast, large-scale string match for a 10Gbps FPGA- based network intrusion detection system." Field Programmable Logic and Application. Springer Berlin Heidelberg, 2003. 880-889.
- Clark, Christopher R., and David E. Schimmel. "Efficient reconfigurable logic circuits for matching complex patterns." Field Application. Springer Berlin Heidelberg, 2003. 956- intrusion detection Programmable Logic and Georgiev, Dejan, and Aristotel Tentov. "FSM
- Circuits Design for Approximate String Matching in Hardware Based Network Intrusion Detection Systems."International Journal of Information Technology & Computer Science 6.1 (2013). Hwang, Enoch O. "Digital Logic and Microprocessor Design." La Sierra University, Riverside (2005).
- Christopher R. Clark "Design of Efficient FPGA Circuits for Matching Complex Patterns in Network Intrusion Detection Systems", Georgia Institute of Technologies , December 2003
Abstract
References
- SNORT official web site: (http://www.snort.org) Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of LISA’99: 13th Administration Washington, USA. (1999) Seattle
- Cho, Young H., and William H. Mangione-Smith. packet "Deep reconfigurable devices." ACM Transactions on Embedded Computing Systems (TECS) 7.2 (2008): filters design for
- Sourdis, Ioannis, and Dionisios Pnevmatikatos. "Fast, large-scale string match for a 10Gbps FPGA- based network intrusion detection system." Field Programmable Logic and Application. Springer Berlin Heidelberg, 2003. 880-889.
- Clark, Christopher R., and David E. Schimmel. "Efficient reconfigurable logic circuits for matching complex patterns." Field Application. Springer Berlin Heidelberg, 2003. 956- intrusion detection Programmable Logic and Georgiev, Dejan, and Aristotel Tentov. "FSM
- Circuits Design for Approximate String Matching in Hardware Based Network Intrusion Detection Systems."International Journal of Information Technology & Computer Science 6.1 (2013). Hwang, Enoch O. "Digital Logic and Microprocessor Design." La Sierra University, Riverside (2005).
- Christopher R. Clark "Design of Efficient FPGA Circuits for Matching Complex Patterns in Network Intrusion Detection Systems", Georgia Institute of Technologies , December 2003
Details
| Primary Language | English |
|---|---|
| Journal Section | Articles |
| Authors | |
| Publication Date | September 28, 2014 |
| Submission Date | January 30, 2016 |
| Published in Issue | Year 2014 Volume: 3 Issue: 3 |