Title :
A FPGA-based deep packet inspection engine for Network Intrusion Detection System
Author :
Thinh, Tran Ngoc ; Hieu, Tran Trung ; Dung, Van Quoc ; Kittitornkun, Surin
Author_Institution :
Dept. of Comput. Eng., HCMUT, Ho Chi Minh City, Vietnam
Abstract :
Pattern matching has became a bottleneck of software based Network Intrusion Detection System (NIDS) as the number of signature have recently increased dramatically. Many FPGA-based architectures for detecting malicious patterns have been proposed recently. However, these approaches have just considered matching pattern separately while more and more complex combination of several patterns are utilized to describe intrusion activities. In this paper we present our work which concentrates on multi-pattern signature and propose a FPGA-based deep packet inspection engine for NIDS. The system can support both static and dynamic patterns. We employ Snort signature set and realize our system on NetFPGA platform. The evaluation on real network environment shows that our system can maintain gigabit line rate throughput without dropping packets.
Keywords :
computer network security; digital signatures; field programmable gate arrays; pattern matching; FPGA-based architecture; FPGA-based deep packet inspection engine; NIDS; NetFPGA platform; Snort signature set; dynamic patterns; gigabit line rate throughput; malicious pattern detection; multipattern signature; pattern matching; software based network intrusion detection system; static patterns; Engines; Field programmable gate arrays; Inspection; Intrusion detection; Pattern matching; Random access memory; Throughput; DPI; FPGA; NFA; NIDS/NIPS; Regular Expression; cuckoo hashing; multi-pattern matching;
Conference_Titel :
Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON), 2012 9th International Conference on
Conference_Location :
Phetchaburi
Print_ISBN :
978-1-4673-2026-9
DOI :
10.1109/ECTICon.2012.6254301
