Traffic-aware Design of a High Speed FPGA Network Intrusion Detection System

Download Now
Provided by: University of Rochester
Topic: Security
Format: PDF
Security of today's networks heavily relies on Network Intrusion Detection Systems (NIDSs). The ability to promptly update the supported rule sets and detect new emerging attacks makes Field Programmable Gate Arrays (FPGAs) a very appealing technology. An important issue is how to scale FPGA-based NIDS implementations to ever faster network links. Whereas a trivial approach is to balance traffic over multiple, but functionally equivalent, hardware blocks, each implementing the whole rule set (several thousand rules), the obvious cons is the linear increase in the resource occupation.
Download Now

Find By Topic