Advertisement

Exploiting Stateful Inspection of Network Security in Reconfigurable Hardware

  • Shaomeng Li
  • Jim Tørresen
  • Oddvar Søråsen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2778)

Abstract

One of the most important areas of a network intrusion detection system (NIDS), stateful inspection, is described in this paper. We present a novel reconfigurable hardware architecture implementing TCP stateful inspection used in NIDS. This is to achieve a more efficient and faster network intrusion detection system as todays’ NIDSs show inefficiency and even fail to perform while encountering the faster Internet. The performance of the NIDS described is expected to obtain a throughput of 3.0 Gbps.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Clarkin, M.: Comparison of CyberwallPLUS Intrusion Prevention and Current IDS technology. NETWORK-1, Security Solutions, Inc., White PaperGoogle Scholar
  2. 2.
    Postel, J.: Request For comment 793, Transmission control Protocol (1998)Google Scholar
  3. 3.
    Sergei et al.: SNORTRAN: An Optimizing Compiler for Snort Rules. Fidelis Security Systems, Inc. (2002)Google Scholar
  4. 4.
    Li, S., et al.: Exploiting Reconfigurable Hardware for Network Security. In: Proc. of 11th Annual IEEE Symposium on Fiels-Programmable Custom Computing Machines (FCCM 2003) (2003)Google Scholar
  5. 5.
    Necker, M., et al.: TCP-Stream Reassembly and State Tracking in Hardware. In: Proc. of 10th Annual IEEE Symposium on Fiels-Programmable Custom Computing Machines (FCCM 2002), School od Electrical and computer Engineering, Georgia Institute of Technology, Atlanta, GA (2002)Google Scholar
  6. 6.

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Shaomeng Li
    • 1
  • Jim Tørresen
    • 1
  • Oddvar Søråsen
    • 1
  1. 1.Department of InformaticsUniversity of OsloOsloNorway

Personalised recommendations