Advertisement

Hardware-Software Hybrid Packet Processing for Intrusion Detection Systems

  • Saraswathi Sachidananda
  • Srividya Gopalan
  • Sridhar Varadarajan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3802)

Abstract

Security is a major issue in today’s communication networks. Designing Network Intrusion Detection systems (NIDS) calls for high performance circuits in order to keep up with the rising data rates. Offloading software processing to hardware realizations is not an economically viable solution and hence hardware-software based hybrid solutions for the NIDS scenario are discussed in literature. By deploying processing on both hardware and software cores simultaneously by using a novel Intelligent Rule Parsing algorithm, we aim to minimize the number of packets whose waiting time is greater than a predefined threshold. This fairness criterion implicitly ensures in obtaining a higher throughput as depicted by our results.

Keywords

String Match Incoming Packet Packet Processing Rule Processing Packet Number 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Snort The Open Source Network Intrusion Detection System, http://www.snort.org
  2. 2.
    Fisk, M., Varghese, G.: An analysis of fast string matching applied to content-based forwarding and intrusion detection. In: Techical Report CS2001-0670 (updated version), University of California, San Diego (2002)Google Scholar
  3. 3.
    Sidhu, R., Prasanna, V.K.: Fast regular expression matching using FPGAs. In: IEEE Symposium on Field-Programmable Custom Computing Machines, CA, USA (April 2001)Google Scholar
  4. 4.
    Singaraju, J., Bu, L., Chandy, J.A.: A Signature Match Processor Architecture for Network Intrusion Detection. In: FCCM 2005 (2005)Google Scholar
  5. 5.
    Hung, W.N.N., Song, X.: BDD Variable Ordering By Scatter Search. In: Proceedings of the International Conference on Computer Design: VLSI in Computers and Processors, ICCD 2001 (2001)Google Scholar
  6. 6.
    Aho, A., Corasick, M.: Efficient string matching: An aid to bibliographic search. Communications of the ACM 18(6), 333–343 (1975)zbMATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Boyer, R.S., Moore, J.S.: A fast string searching algorithm. Communications of the ACM 20(10), 762–772 (1977)CrossRefGoogle Scholar
  8. 8.
    Knuth, D., Morris, J., Pratt, V.: Fast pattern matching in strings. SIAM Journal on Computing 6(2), 323–350 (1977)zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Virtex-II Pro and Virtex-II Pro X Platform FPGAs,.:Complete Data Sheet (v4.3) (2005)Google Scholar
  10. 10.
    Xilinx ISE 7.0 In-Depth Tutorial, version (2005)Google Scholar
  11. 11.
    Attig, M., Dharmapurikar, S., Lockwood, J.: Implementation Results of Bloom Filters for String Matching. In: Proceedings of FCCM 2004 (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Saraswathi Sachidananda
    • 1
  • Srividya Gopalan
    • 1
  • Sridhar Varadarajan
    • 1
  1. 1.Applied Research GroupSatyam Computer Services Ltd, Indian Institute of ScienceBangaloreIndia

Personalised recommendations