Granidt: Towards Gigabit Rate Network Intrusion Detection Technology

Authors: Maya Gokhale, Dave Dubois, Andy Dubois, Mike Boorman, Steve Poole

DOI: 10.1007/3-540-46117-5_43

Keywords: Gigabit; Embedded system; Network packet; Virtex; Gigabit Ethernet; Field-programmable gate array; Computer science; Network interface controller; Reconfigurable computing; Interface (computing)

Abstract: We describe a novel application of reconfigurable computing to the problem of computer network security. By filtering network packets with customized logic circuits, we can search headers as well as packet content for specific signatures at Gigabit Ethernet line rate. Input to our system is a set of filter rule descriptions in the format of the public domain "snort" databases. These are used to generate hardware circuits on two Xilinx Virtex 1000 FPGAs on the SLAAC1V [9] board. Packets are read from the interface card, GRIP [8], and flow directly through the filtering circuits. A vector describing the matching packet is returned to the host program, which relates matches back to the database, so that logs or alerts can be generated. The system runs at 66 MHz with 32-bit data, giving an effective rate of 2 Gb/s. The granidt software/hardware combination achieves a 24.9X speedup over snort 1.8.

References (5)
William Cheswick, Firewalls and Internet Security (1994)
Steven M. Bellovin, Aviel D. Rubin, William R. Cheswick, Firewalls and Internet Security: Repelling the Wily Hacker (2003)
J.T. McHenry, P.W. Dowd, F.A. Pellegrino, T.M. Carrozzi, W.B. Cocks, An FPGA-based coprocessor for ATM firewalls. Field-Programmable Custom Computing Machines, pp. 30-39 (1997), doi:10.1109/FPGA.1997.624602
Van Jacobson, Steven McCanne, The BSD packet filter: a new architecture for user-level packet capture. USENIX Winter 1993 Conference Proceedings, pp. 2-2 (1993)
B.L. Hutchings, R. Franklin, D. Carver, Assisting network intrusion detection with reconfigurable hardware. Field-Programmable Custom Computing Machines, pp. 111-120 (2002), doi:10.1109/FPGA.2002.1106666