The current hardware architectures of intrusion detection system have several limitations on performance and configurability. In this paper we describe the architecture design and hardware implementation of gigabits NIDS using a programmable network processor and a FPGA co-processor. We discuss the requirements of NIDS, system hardware architecture and report measurements. In particular, we demonstrate performance improved by optimized parallel pattern match processing and efficient memory access in Field Programmable Gate Array (FPGA). We show an NIDS which can exploit our approach hardware platform, and make suggestions about implementation features that can significantly improve the performance and configurability of intrusion detection systems. © 2009 IEEE.
CITATION STYLE
Yizhen, L., Daxiong, X., Dong, L., & Lingge, S. (2009). A fast and configurable pattern matching hardware architecture for intrusion detection. In Proceedings - 2009 2nd International Workshop on Knowledge Discovery and Data Mining, WKKD 2009 (pp. 614–618). https://doi.org/10.1109/WKDD.2009.111
Mendeley helps you to discover research relevant for your work.