Hardware implementations of high-speed network monitors

Recently, many kinds of malicious attacks on the Internet such as denial of service (DoS) attacks are increasing, and many unnecessary packets waste network resources. Network monitors to watch and filtering these unnecessary packets have been proposed. However, in the present network monitors implemented using several servers and monitoring software, it will be difficult to watch in real time and remove unnecessary packets at the very high-speed backbone network such as intercontinental one. One of the methods to realize a real time network monitor is an implementation by the hardware. Therefore, in this research, we propose a hardware architecture that detects IP flooding and SYN flood; these are kinds of DoS attacks. We design the hardware circuits in ASIC and FPGA. As the results of logic synthesis, we confirm that these detection circuits can work on the high-speed traffic such as more than 10 millions packets/sec.