A 10-gbps high-speed single-chip network Intrusion detection and prevention system

N. Sertac Artan, Rajdip Ghosh, Yanchuan Guo, H. Jonathan Chao

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Network Intrusion Detection and Prevention Systems (NIDPSs) are vital in the fight against network intrusions. NIDPSs search for certain malicious content in network traffic (i.e., signatures). Comparing all traffic to these signatures is a challenge for high-speed networks. In this paper, we present the implementation of a 10-Gbps hardware NIDPS and related design issues. This goal of signature detection at high-speed is achieved using a single FPGA, without any external memory. We also implemented and tested a proof-of-concept system with 1-Gbps traffic. A database to store and a web server to display the intrusion alerts from the NIDPS were also developed for this system.

Original languageEnglish (US)
Title of host publicationIEEE GLOBECOM 2007 - 2007 IEEE Global Telecommunications Conference, Proceedings
Pages343-348
Number of pages6
DOIs
StatePublished - 2007
Event50th Annual IEEE Global Telecommunications Conference, GLOBECOM 2007 - Washington, DC, United States
Duration: Nov 26 2007Nov 30 2007

Publication series

NameGLOBECOM - IEEE Global Telecommunications Conference

Other

Other50th Annual IEEE Global Telecommunications Conference, GLOBECOM 2007
CountryUnited States
CityWashington, DC
Period11/26/0711/30/07

ASJC Scopus subject areas

  • Engineering(all)

Fingerprint Dive into the research topics of 'A 10-gbps high-speed single-chip network Intrusion detection and prevention system'. Together they form a unique fingerprint.

Cite this