• DocumentCode
    2797518
  • Title

    A FPGA-based deep packet inspection engine for Network Intrusion Detection System

  • Author

    Thinh, Tran Ngoc ; Hieu, Tran Trung ; Dung, Van Quoc ; Kittitornkun, Surin

  • Author_Institution
    Dept. of Comput. Eng., HCMUT, Ho Chi Minh City, Vietnam
  • fYear
    2012
  • fDate
    16-18 May 2012
  • Firstpage
    1
  • Lastpage
    4
  • Abstract
    Pattern matching has became a bottleneck of software based Network Intrusion Detection System (NIDS) as the number of signature have recently increased dramatically. Many FPGA-based architectures for detecting malicious patterns have been proposed recently. However, these approaches have just considered matching pattern separately while more and more complex combination of several patterns are utilized to describe intrusion activities. In this paper we present our work which concentrates on multi-pattern signature and propose a FPGA-based deep packet inspection engine for NIDS. The system can support both static and dynamic patterns. We employ Snort signature set and realize our system on NetFPGA platform. The evaluation on real network environment shows that our system can maintain gigabit line rate throughput without dropping packets.
  • Keywords
    computer network security; digital signatures; field programmable gate arrays; pattern matching; FPGA-based architecture; FPGA-based deep packet inspection engine; NIDS; NetFPGA platform; Snort signature set; dynamic patterns; gigabit line rate throughput; malicious pattern detection; multipattern signature; pattern matching; software based network intrusion detection system; static patterns; Engines; Field programmable gate arrays; Inspection; Intrusion detection; Pattern matching; Random access memory; Throughput; DPI; FPGA; NFA; NIDS/NIPS; Regular Expression; cuckoo hashing; multi-pattern matching;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology (ECTI-CON), 2012 9th International Conference on
  • Conference_Location
    Phetchaburi
  • Print_ISBN
    978-1-4673-2026-9
  • Type

    conf

  • DOI
    10.1109/ECTICon.2012.6254301
  • Filename
    6254301
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2797518