Title :
Design of SPI module in large-scale network
Author :
Yoon, Seungyong ; Oh, Jintae ; Jang, Jongsoo
Author_Institution :
Electron. & Telecommun. Res. Inst.
Abstract :
One of the major problems and limiting factor with network-based IDS(NIDS) is the high false positive alert rate. In order to reduce these false positive alerts, a lot of methods and techniques are proposed. Stateful packet inspection (SPI) is one of these solutions. Stateless IDSs generate tremendous false positive alerts while stick or snot attempts to attack. Most existing NIDS have SPI modules which supports statefulness but they don´t satisfy high-performance in gigabit Internet environment. To solve this problem, we propose a hardware based SPI module that supports up to 1 million connections with 2-step state management scheme in this paper
Keywords :
Internet; computer network management; modules; security of data; 2-step state management scheme; false positive alert rate; gigabit Internet environment; hardware based SPI module design; intrusion detection; large-scale network; limiting factor; network-based IDS; snot attempts; stateful packet inspection; stateless IDS; Field programmable gate arrays; Hardware; Inspection; Intelligent networks; Internet; Intrusion detection; Large-scale systems; Resource management; Telecommunication traffic; Testing; Network Intrusion Detection; Session Tracking; Stateful Packet Inspection;
Conference_Titel :
Advanced Communication Technology, 2006. ICACT 2006. The 8th International Conference
Conference_Location :
Phoenix Park
Print_ISBN :
89-5519-129-4
DOI :
10.1109/ICACT.2006.206317
