High-Performance Stateful Intrusion Detection System

Author

Yoon, Seungyong ; Kim, Byoungkoo ; Oh, Jintae

Author_Institution

Network Security Archit. Team, Electron. & Telecommun. Res. Inst., Daejeon

Volume

1

fYear

2006

fDate

Nov. 2006

Firstpage

574

Lastpage

579

Abstract

This paper is related with a stateful intrusion detection technology which is based on session state tracking in network intrusion detection systems (NIDSs). Today´s network security systems are required high-performance as well as good functionality since the speed of the Internet is increasing. But most of the software-based NIDSs (e.g. Snort) show inefficiency and even fail to perform for the faster Internet. In this paper, we provide hardware-based stateful intrusion detection module to overcome these shortcomings of software-based solutions. By implementing stateful intrusion detection module in FPGA, we can solve the problem of performance and has capability of intrusion detection in future multi-gigabit network environment. In addition, we can improve the accuracy of intrusion detection with reducing false positive alerts

Keywords

field programmable gate arrays; security of data; Internet; field programmable gate array; hardware-based stateful intrusion detection; network intrusion detection system; network security system; session state tracking; Data security; Field programmable gate arrays; Hardware; High-speed networks; IP networks; Internet; Intrusion detection; Logic; Pattern matching; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Computational Intelligence and Security, 2006 International Conference on

Conference_Location

Guangzhou

Print_ISBN

1-4244-0605-6

Electronic_ISBN

1-4244-0605-6

Type

conf

DOI

10.1109/ICCIAS.2006.294201

Filename

4072154