A Common On-board Hardware Architecture for Intrusion Detection System

An intrusion detection system (IDS) implements pattern matching approach on the network traffic to find the malicious packets carrying attack signatures. In this paper, a common field programmable gate array (FPGA) based on-board hardware architecture which is compatible with both ordinary string and perl compatible regular expression (PCRE) pattern matching is proposed to accelerate IDS. Furthermore, a flexible storage structure which is suitable for many general hardware matching algorithms and an optimized combinational logic circuit structure for PCRE matching are designed. With the synchronization of a connection decoder, ordinary string matching module coordinates with PCRE matching module to implement string-PCRE mixed rule.