A Signature Match Processor Architecture for Network Intrusion Detection

F
FCCM
2005
13th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM'05)
Abstract - A Signature Match Processor Architecture for Network Intrusion Detection

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Janardhan Singaraju Articles by Long Bu Articles by John A. Chandy

13th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM'05)

Los Alamitos

April 18-April 20

ISBN: 0-7695-2445-1

	ASCII Text	x
	Janardhan Singaraju, Long Bu, John A. Chandy, "A Signature Match Processor Architecture for Network Intrusion Detection," Field-Programmable Custom Computing Machines, Annual IEEE Symposium on, pp. 235-242, 13th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM'05), 2005.

	BibTex	x
	@article{ 10.1109/FCCM.2005.11, author = {Janardhan Singaraju and Long Bu and John A. Chandy}, title = {A Signature Match Processor Architecture for Network Intrusion Detection}, journal ={Field-Programmable Custom Computing Machines, Annual IEEE Symposium on}, volume = {0}, year = {2005}, isbn = {0-7695-2445-1}, pages = {235-242}, doi = {http://doi.ieeecomputersociety.org/10.1109/FCCM.2005.11}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Field-Programmable Custom Computing Machines, Annual IEEE Symposium on TI - A Signature Match Processor Architecture for Network Intrusion Detection SN - 0-7695-2445-1 SP235 EP242 A1 - Janardhan Singaraju, A1 - Long Bu, A1 - John A. Chandy, PY - 2005 KW - null VL - 0 JA - Field-Programmable Custom Computing Machines, Annual IEEE Symposium on ER -

Janardhan Singaraju, University of Connecticut

Long Bu, University of Connecticut

John A. Chandy, University of Connecticut

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/FCCM.2005.11

In this paper, we introduce a novel architecture for a hardware based network intrusion detection system (NIDS). NIDSs are becoming critical components of the network infrastructure as they serve as a key line of defense in network protection. However, current methods are much too compute intensive and can not begin to meet the bandwidth requirements of a moderate sized corporate network. Thus, hardware techniques are desired to speed up network processing. This paper introduces a FPGA based signature match processor that can serve as the core of a hardware based NIDS. The signature match processor?s key feature is a CAM-based cellular processor architecture that can match strings in an area efficient manner. Using a unique binary tree structure, we are also able to generate priority encoded addresses corresponding to multiple signature matches.

Citation:

Janardhan Singaraju, Long Bu, John A. Chandy, "A Signature Match Processor Architecture for Network Intrusion Detection," fccm, pp.235-242, 13th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.