A 10-gbps high-speed single-chip network Intrusion detection and prevention system

N. Sertac Artan, Rajdip Ghosh, Yanchuan Guo, H. Jonathan Chao

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Network Intrusion Detection and Prevention Systems (NIDPSs) are vital in the fight against network intrusions. NIDPSs search for certain malicious content in network traffic (i.e., signatures). Comparing all traffic to these signatures is a challenge for high-speed networks. In this paper, we present the implementation of a 10-Gbps hardware NIDPS and related design issues. This goal of signature detection at high-speed is achieved using a single FPGA, without any external memory. We also implemented and tested a proof-of-concept system with 1-Gbps traffic. A database to store and a web server to display the intrusion alerts from the NIDPS were also developed for this system.

Original languageEnglish (US)
Title of host publicationIEEE GLOBECOM 2007 - 2007 IEEE Global Telecommunications Conference, Proceedings
Pages343-348
Number of pages6
DOIs
StatePublished - 2007
Event50th Annual IEEE Global Telecommunications Conference, GLOBECOM 2007 - Washington, DC, United States
Duration: Nov 26 2007Nov 30 2007

Other

Other50th Annual IEEE Global Telecommunications Conference, GLOBECOM 2007
CountryUnited States
CityWashington, DC
Period11/26/0711/30/07

Fingerprint

Intrusion detection
HIgh speed networks
Field programmable gate arrays (FPGA)
Servers
Hardware
Data storage equipment

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Artan, N. S., Ghosh, R., Guo, Y., & Chao, H. J. (2007). A 10-gbps high-speed single-chip network Intrusion detection and prevention system. In IEEE GLOBECOM 2007 - 2007 IEEE Global Telecommunications Conference, Proceedings (pp. 343-348). [4410981] https://doi.org/10.1109/GLOCOM.2007.71

A 10-gbps high-speed single-chip network Intrusion detection and prevention system. / Artan, N. Sertac; Ghosh, Rajdip; Guo, Yanchuan; Chao, H. Jonathan.

IEEE GLOBECOM 2007 - 2007 IEEE Global Telecommunications Conference, Proceedings. 2007. p. 343-348 4410981.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Artan, NS, Ghosh, R, Guo, Y & Chao, HJ 2007, A 10-gbps high-speed single-chip network Intrusion detection and prevention system. in IEEE GLOBECOM 2007 - 2007 IEEE Global Telecommunications Conference, Proceedings., 4410981, pp. 343-348, 50th Annual IEEE Global Telecommunications Conference, GLOBECOM 2007, Washington, DC, United States, 11/26/07. https://doi.org/10.1109/GLOCOM.2007.71
Artan NS, Ghosh R, Guo Y, Chao HJ. A 10-gbps high-speed single-chip network Intrusion detection and prevention system. In IEEE GLOBECOM 2007 - 2007 IEEE Global Telecommunications Conference, Proceedings. 2007. p. 343-348. 4410981 https://doi.org/10.1109/GLOCOM.2007.71
Artan, N. Sertac ; Ghosh, Rajdip ; Guo, Yanchuan ; Chao, H. Jonathan. / A 10-gbps high-speed single-chip network Intrusion detection and prevention system. IEEE GLOBECOM 2007 - 2007 IEEE Global Telecommunications Conference, Proceedings. 2007. pp. 343-348
@inproceedings{9102943fe2a14183b7e8715e5281b0d2,
title = "A 10-gbps high-speed single-chip network Intrusion detection and prevention system",
abstract = "Network Intrusion Detection and Prevention Systems (NIDPSs) are vital in the fight against network intrusions. NIDPSs search for certain malicious content in network traffic (i.e., signatures). Comparing all traffic to these signatures is a challenge for high-speed networks. In this paper, we present the implementation of a 10-Gbps hardware NIDPS and related design issues. This goal of signature detection at high-speed is achieved using a single FPGA, without any external memory. We also implemented and tested a proof-of-concept system with 1-Gbps traffic. A database to store and a web server to display the intrusion alerts from the NIDPS were also developed for this system.",
author = "Artan, {N. Sertac} and Rajdip Ghosh and Yanchuan Guo and Chao, {H. Jonathan}",
year = "2007",
doi = "10.1109/GLOCOM.2007.71",
language = "English (US)",
isbn = "1424410436",
pages = "343--348",
booktitle = "IEEE GLOBECOM 2007 - 2007 IEEE Global Telecommunications Conference, Proceedings",

}

TY - GEN

T1 - A 10-gbps high-speed single-chip network Intrusion detection and prevention system

AU - Artan, N. Sertac

AU - Ghosh, Rajdip

AU - Guo, Yanchuan

AU - Chao, H. Jonathan

PY - 2007

Y1 - 2007

N2 - Network Intrusion Detection and Prevention Systems (NIDPSs) are vital in the fight against network intrusions. NIDPSs search for certain malicious content in network traffic (i.e., signatures). Comparing all traffic to these signatures is a challenge for high-speed networks. In this paper, we present the implementation of a 10-Gbps hardware NIDPS and related design issues. This goal of signature detection at high-speed is achieved using a single FPGA, without any external memory. We also implemented and tested a proof-of-concept system with 1-Gbps traffic. A database to store and a web server to display the intrusion alerts from the NIDPS were also developed for this system.

AB - Network Intrusion Detection and Prevention Systems (NIDPSs) are vital in the fight against network intrusions. NIDPSs search for certain malicious content in network traffic (i.e., signatures). Comparing all traffic to these signatures is a challenge for high-speed networks. In this paper, we present the implementation of a 10-Gbps hardware NIDPS and related design issues. This goal of signature detection at high-speed is achieved using a single FPGA, without any external memory. We also implemented and tested a proof-of-concept system with 1-Gbps traffic. A database to store and a web server to display the intrusion alerts from the NIDPS were also developed for this system.

UR - http://www.scopus.com/inward/record.url?scp=39349087206&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=39349087206&partnerID=8YFLogxK

U2 - 10.1109/GLOCOM.2007.71

DO - 10.1109/GLOCOM.2007.71

M3 - Conference contribution

SN - 1424410436

SN - 9781424410439

SP - 343

EP - 348

BT - IEEE GLOBECOM 2007 - 2007 IEEE Global Telecommunications Conference, Proceedings

ER -