Abstract | ||
---|---|---|
A widely used approach to avoid network intrusion is SNORT, an open source Network Intrusion Detec- tion System (NIDS). This work describes SPP-NIDS, a architecture for intrusion detection supporting SNORT rules. SPP-NIDS is attractive to real-world network intrusion detection, due to its scalability, flexibility and performance features. A parameterizable cluster of simple processors provides system scalability. Hard- ware NIDSs described in the literature often employ hardwired comparators to verify if the incoming net- work traffic has data potentially containing intrusion attacks. Such NIDSs must be re-synthesized when a new set of rules is available, which happens frequently. In SPP-NIDS, the rule set defining network intrusion patterns is stored in RAM, enabling its straightforward upgrade. The proposed system, when implemented in a 2-million gate FPGA is able to work at a 100 Mbps network data rate, using the complete set of SNORT rules. If more performance is required, it suffices to scale the system, by adding extra processors. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1109/RSP.2007.35 | IEEE International Workshop on Rapid System Prototyping |
Keywords | Field | DocType |
computer networks,security of data,telecommunication security,telecommunication traffic,SNORT rule,SPP-NIDS,hardwired comparator,network traffic,open source network intrusion detection system | Host-based intrusion detection system,Network intrusion detection,Comparator,Computer science,Computer network,Field-programmable gate array,Upgrade,Anomaly-based intrusion detection system,Intrusion detection system,Embedded system,Scalability | Conference |
ISSN | ISBN | Citations |
1074-6005 | 0-7695-2834-1 | 0 |
PageRank | References | Authors |
0.34 | 5 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Luis Carlos Caruso | 1 | 0 | 0.34 |
Guilherme Guindani | 2 | 48 | 4.01 |
Hugo Schmitt | 3 | 0 | 0.34 |
Ney Calazans | 4 | 697 | 43.13 |
Fernando Moraes | 5 | 720 | 43.62 |