Title :
Flexible Software-Hardware Network Intrusion Detection System
Author :
Proudfoot, Ryan ; Kent, Kenneth ; Aubanel, Eric ; Chen, Nan
Author_Institution :
Fac. of Comput. Sci., New Brunswick Univ., Fredericton, NB
Abstract :
Network intrusion detection system (NIDS) demands have been steadily increasing over the past few years. Current solutions using software become inefficient running on high speed high volume networks and will end up dropping packets. Hardware solutions are available and result in much higher efficiency but present problems such as flexibility and cost. Our proposed system uses a modified version of Snort, a robust widely deployed open-sourced NIDS. Snort spends a significant fraction of its processing time doing pattern matching. Our proposed system runs Snort in software until it gets to the pattern matching function and then off loads that processing to the field programmable gate array (FPGA). The hardware is able to process data at up to 1.7 GB/s on one Xilinx XC2VP100 FPGA. Our system is more flexible than other FPGA string matching designs in that the rules are not hard-coded. The design is scalable and allows FPGAs to be used in parallel to increase the processing speed even further.
Keywords :
field programmable gate arrays; pattern matching; security of data; Xilinx XC2VP100 FPGA; dropping packets; field programmable gate array; flexible software-hardware network intrusion detection system; hardware solutions; pattern matching function; Computer science; Field programmable gate arrays; Hardware; Intrusion detection; Niobium; Open source software; Pattern matching; Payloads; Robustness; Software prototyping; Field Programmable Gate Array; network intrusion detection; pattern matching;
Conference_Titel :
Rapid System Prototyping, 2008. RSP '08. The 19th IEEE/IFIP International Symposium on
Conference_Location :
Monterey, CA
Print_ISBN :
978-0-7695-3180-9
DOI :
10.1109/RSP.2008.11
