CENICS 2016, The Ninth International Conference on Advances in Circuits, Electronics and Micro-electronics


A High-Speed Programmable Network Intrusion Detection System Based on a Multi-Byte Transition NFA

Authors:
Tomoaki Hashimoto
Shin'ichi Wakabayashi
Shinobu Nagayama
Masato Inagi
Ryohei Koishi
Hiroki Takaguchi

Keywords: Regular expression matching; non-deterministic finite automaton; programmable hardware; network intrusion detection system; FPGA.

Abstract:
To improve network security, when a virus pattern is updated, an arbitrary updated pattern should be quickly set in a network intrusion detection system (NIDS). This type of NIDS is called “programmable.” However, present programmable NIDSs can hardly be applied to high-speed networks with transmission speeds of more than 10 Gbps, due to the limitation of the clock frequency of the circuit. To overcome this speed limitation, this paper proposes a programmable NIDS based on a multi-byte transition nondeterministic finite automaton (NFA). The proposed NIDS is implemented on an FPGA to evaluate its performance. The FPGA implementation results show that the proposed NIDS can achieve more than 10 Gbps of throughput.

Pages: 45 to 51

Copyright: Copyright (c) IARIA, 2016

Publication date: July 24, 2016

Published in: conference

ISSN: 2308-426X

ISBN: 978-1-61208-496-1

Location: Nice, France

Dates: from July 24, 2016 to July 28, 2016