Title :
Hardware implementation of key functionalities of NIPS for high speed network
Author :
Nagesh Vaidya;Parikshit Godbole
Author_Institution :
Centre for Development of Advanced Computing (C-DAC), Pune University Campus, Ganeshkhind, 411007. Maharashtra, India
Abstract :
A Network-based Intrusion Prevention System (NIPS) monitors network traffic for suspicious activity and has the ability to subvert or stop an attack targeted at any system or device in the network. With the advent of 10G/40G Ethernet standards, current-generation NIPS components may not cope with these network speeds. In this work, an FPGA-based architecture for key functionalities of NIPS has been designed and evaluated. Here, network traffic is processed from Layer 1 (physical) through Layer 4 (transport) using FPGA logic resources. The concurrent behavior of hardware is exploited for processing packets at 10 Gbps received from the Ethernet interface. A Receive Decode Module (RXDM) is proposed to extract essential data for intrusion analysis. This information is then analyzed by the Packet Processing Engine (PPE), which is the heart of this architecture, and a decision is taken as per defined policies to pass or drop the ongoing packet.
Keywords :
"Hardware","Computer aided manufacturing","Field programmable gate arrays","Protocols","Intrusion detection","Memory management"
Conference_Title :
Computing and Network Communications (CoCoNet), 2015 International Conference on
DOI :
10.1109/CoCoNet.2015.7411296