• DocumentCode
    2494676
  • Title

    A 10-Gbps High-Speed Single-Chip Network Intrusion Detection and Prevention System

  • Author

    Artan, N. Sertac ; Ghosh, Rajdip ; Guo, Yanchuan ; Chao, H. Jonathan

  • Author_Institution
    Polytech. Univ., Brooklyn
  • fYear
    2007
  • fDate
    26-30 Nov. 2007
  • Firstpage
    343
  • Lastpage
    348
  • Abstract
    Network Intrusion Detection and Prevention Systems (NIDPSs) are vital in the fight against network intrusions. NIDPSs search for certain malicious content in network traffic (i.e., signatures). Comparing all traffic to these signatures is a challenge for high-speed networks. In this paper, we present the implementation of a 10-Gbps hardware NIDPS and related design issues. This goal of signature detection at high-speed is achieved using a single FPGA, without any external memory. We also implemented and tested a proof-of-concept system with 1-Gbps traffic. A database to store and a Web server to display the intrusion alerts from the NIDPS were also developed for this system.
  • Keywords
    computer networks; digital signatures; field programmable gate arrays; network-on-chip; telecommunication security; FPGA; Web server; bit rate 10 Gbit/s; high-speed single-chip network; network intrusion detection system; network intrusion prevention system; network traffic; signature detection; Data structures; Databases; Displays; Field programmable gate arrays; Hardware; High-speed networks; Intrusion detection; Reconfigurable logic; Telecommunication traffic; Web server;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Global Telecommunications Conference, 2007. GLOBECOM '07. IEEE
  • Conference_Location
    Washington, DC
  • Print_ISBN
    978-1-4244-1042-2
  • Electronic_ISBN
    978-1-4244-1043-9
  • Type

    conf

  • DOI
    10.1109/GLOCOM.2007.71
  • Filename
    4410981
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2494676