Title :
High Performance Software-Hardware Network Intrusion Detection System
Author :
Proudfoot, Ryan ; Kent, Kenneth ; Aubanel, Eric ; Chen, Nan
Author_Institution :
Univ. of New Brunswick, Fredericton
Abstract :
Network intrusion detection systems (NIDS) and quality of service (QoS) demands have been steadily increasing over the past few years. Current solutions using software become inefficient running on high speed high volume networks and will end up dropping packets. Hardware solutions are available and result in much higher efficiency but present problems such as flexibility and cost. Our proposed system uses a modified version of Snort, a robust widely deployed open-sourced NIDS. It has been found that Snort spends at least 30%-60% of its processing time doing pattern matching. Our proposed system runs Snort in software until it gets to the pattern matching function and then offloads that processing to the field programmable gate array (FPGA). The software can then go on to other processing while it waits for the results from the FPGA. The hardware is able to process data at upto 1.7 GB/s on one Xilinx XC2VP100 FPGA. The design is scaleable and will allow for multiple FPGAs to be used in parallel to increase the processing speed even further.
Keywords :
field programmable gate arrays; hardware-software codesign; pattern matching; quality of service; security of data; Xilinx XC2VP100; field programmable gate array; high speed networks; high volume networks; network intrusion detection system; pattern matching; quality of service; software-hardware system; Field programmable gate arrays; Hardware; Intrusion detection; Open source software; Pattern matching; Payloads; Performance analysis; Quality of service; Robustness; Software architecture;
Conference_Titel :
Field-Programmable Technology, 2007. ICFPT 2007. International Conference on
Conference_Location :
Kitakyushu
Print_ISBN :
978-1-4244-1472-7
Electronic_ISBN :
978-1-4244-1472-7
DOI :
10.1109/FPT.2007.4439273
