论文信息 - Implementation of simple SNORT processor for efficient Intrusion Detection systems

Implementation of simple SNORT processor for efficient Intrusion Detection systems

In this paper, a method is proposed for hardware implementation of basic instructions of SNORT software for using in hardware accelerator systems relating to Network Intrusion Detection (NID). The design is implemented in Verilog hardware description language. The design is synthesized both in FPGA on Virtex5 and ASIC (with CMOS Technology 90nm and 65nm). Initial results of hardware description simulation agree with those of SNORT. Similarity between these two results shows that the proposed hardware infrastructure can be exploited as a hardware accelerator in different applications of Intrusion Detection (ID) within networks where needs high processing rate for multi Gb/s data rates. The ASIC synthesis results indicate that the proposed hardware can process payload section of a TCP/IP stream with the rate of 1 Gb/s and 2 Gb/s in TSMC 90nm and TSMC 65nm respectively.

Amir Masoud Rahmani | Ehsan Azimi | M.B. Ghaznavi-Ghoushchi

[1] Mohammad Bagher Ghaznavi-Ghoushchi,et al. A Multi-Gb/s Parallel String Matching Engine for Intrusion Detection Systems , 2008 .

[2] Dionisios N. Pnevmatikatos,et al. Pre-decoded CAMs for efficient and high-speed NIDS pattern matching , 2004, 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines.

[3] Christopher R. Clark. Design of Efficient FPGA Circuits for Matching Complex Patterns in Network Intrusion Detection Systems , 2004 .

[4] Khalil Al-Salem. Hardware-efficient pattern matching algorithms and architectures for fast intrusion detection , 2006 .