Paper Info
Title
SPP-NIDS - A Sea of Processors Platform for Network Intrusion Detection Systems
Abstract
A widely used approach to avoid network intrusion is SNORT, an open source Network Intrusion Detec- tion System (NIDS). This work describes SPP-NIDS, a architecture for intrusion detection supporting SNORT rules. SPP-NIDS is attractive to real-world network intrusion detection, due to its scalability, flexibility and performance features. A parameterizable cluster of simple processors provides system scalability. Hard- ware NIDSs described in the literature often employ hardwired comparators to verify if the incoming net- work traffic has data potentially containing intrusion attacks. Such NIDSs must be re-synthesized when a new set of rules is available, which happens frequently. In SPP-NIDS, the rule set defining network intrusion patterns is stored in RAM, enabling its straightforward upgrade. The proposed system, when implemented in a 2-million gate FPGA is able to work at a 100 Mbps network data rate, using the complete set of SNORT rules. If more performance is required, it suffices to scale the system, by adding extra processors.
Year
DOI
Venue
2007
10.1109/RSP.2007.35
IEEE International Workshop on Rapid System Prototyping
Keywords
Field
DocType
computer networks,security of data,telecommunication security,telecommunication traffic,SNORT rule,SPP-NIDS,hardwired comparator,network traffic,open source network intrusion detection system
Host-based intrusion detection system,Network intrusion detection,Comparator,Computer science,Computer network,Field-programmable gate array,Upgrade,Anomaly-based intrusion detection system,Intrusion detection system,Embedded system,Scalability
Conference
ISSN
ISBN
Citations 
1074-6005
0-7695-2834-1
0
PageRank 
References 
Authors
0.34
5
5
Name
Order
Citations
PageRank
Luis Carlos Caruso100.34
Guilherme Guindani2484.01
Hugo Schmitt300.34
Ney Calazans469743.13
Fernando Moraes572043.62