A Fast and Configurable Pattern Matching Hardware Architecture for Intrusion Detection

Author

Liu, Yizhen ; Xu, Daxiong ; Liu, Dong ; Sun, Lingge

Author_Institution

Opt. Commun. & Optoelectron. Inst., Beijing Univ. of Posts & Commun., Beijing

fYear

2009

fDate

23-25 Jan. 2009

Firstpage

614

Lastpage

618

Abstract

The current hardware architectures of intrusion detection system have several limitations on performance and configurability. In this paper we describe the architecture design and hardware implementation of gigabits NIDS using a programmable network processor and a FPGA co-processor. We discuss the requirements of NIDS, system hardware architecture and report measurements. In particular, we demonstrate performance improved by optimized parallel pattern match processing and efficient memory access in field programmable gate array (FPGA). We show an NIDS which can exploit our approach hardware platform, and make suggestions about implementation features that can significantly improve the performance and configurability of intrusion detection systems.

Keywords

coprocessors; field programmable gate arrays; network-on-chip; parallel algorithms; pattern matching; security of data; telecommunication security; FPGA co-processor; configurable pattern matching hardware architecture; field programmable gate array; gigabit NIDS; intrusion detection system; memory access; optimized parallel pattern matching algorithm; programmable network processor; Coprocessors; Data mining; Field programmable gate arrays; Hardware; Inspection; Intrusion detection; Logic; Pattern matching; Telecommunication traffic; Web and internet services; FPGA; intrusion detection; network processor; pattern match; string match;

fLanguage

English

Publisher

ieee

Conference_Titel

Knowledge Discovery and Data Mining, 2009. WKDD 2009. Second International Workshop on

Conference_Location

Moscow

Print_ISBN

978-0-7695-3543-2

Type

conf

DOI

10.1109/WKDD.2009.111

Filename

4772012