Abstract
A novel architecture for a hardware-based network intrusion detection system (NIDS) is presented in this paper. The system adopts an FPGA-based signature match co-processor as a core for the NIDS. The signature matcher is based on an algorithm that employs simple shift registers, or-gates, and ROMs in which patterns are stored. As compared with related work, experimental results show that the proposed work achieves higher throughput and less hardware resource in the FPGA implementations of network intrusion detection.
This project is partially supported by the Center for Infrastructure Assurance and Security at UTSA and US Air Force under grant #26-0200-62.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
SNORT official web site, http://www.snort.org
Ramirez, T., Lo, C.D.: Rule set decomposition for hardware network intrusion detection. In: The 2004 International Computer Symposium (ICS 2004) (2004)
Gokhale, M., Dubois, D., Dubois, A., Boorman, M., Poole, S., Hogsett, V.: Granidt: towards gigabit rate network intrusion detection technology. In: Proceedings of the International Conference on Field Programmable Logic and Application, pp. 404–413 (2002)
Hutchings, B.L., Franklin, R., Carver, D.: Assisting network intrusion detection with reconfigurable hardware. In: Proceedings of the IEEE Symposium on Field-Programmable Custom Computing Machines, pp. 111–120 (2002)
Singaraju, J., Bu, L., Chandy, J.A.: A signature match processor architecture for network intrusion detection. In: Proceedings of the IEEE Symposium on Field-Programmable Custom Computing Machines, pp. 235–242 (2005)
Sourdis, I., Pnevmatikatos, D.N.: Pre-decoded cams for efficient and high-speed nids pattern matching. In: Proceedings of the IEEE Symposium on Field-Programmable Custom Computing Machines, pp. 258–267 (2004)
Moscola, J., Lockwood, J.W., Loui, R.P., Pachos, M.: Implementation of a content-scanning module for an internet firewall. In: Proceedings of the IEEE Symposium on Field-Programmable Custom Computing Machines, pp. 31–38 (2003)
Baeza-Tates, R., Gonnet, G.: A new approach to text searching. Communications of the ACM 35, 74–82 (1992)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Roan, HC., Ou, CM., Hwang, WJ., Lo, CT.D. (2006). Efficient Logic Circuit for Network Intrusion Detection. In: Sha, E., Han, SK., Xu, CZ., Kim, MH., Yang, L.T., Xiao, B. (eds) Embedded and Ubiquitous Computing. EUC 2006. Lecture Notes in Computer Science, vol 4096. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11802167_78
Download citation
DOI: https://doi.org/10.1007/11802167_78
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36679-9
Online ISBN: 978-3-540-36681-2
eBook Packages: Computer ScienceComputer Science (R0)