文章基本信息

标题：PGA Based Network Intrusion Detection System Using Counting Bloom Filter
本地全文：下载
作者：Karthikeyeni, M. M. ; Rajeshkumar, M. V ; Mukuntharaj, M. C 等
期刊名称：International Journal of Electronics Communication and Computer Engineering
印刷版ISSN：2249-071X
电子版ISSN：2278-4209
出版年度：2012
卷号：3
期号：4
页码：927-933
出版社：IJECCE
摘要：Computer networks face an ever increasing number of threats from hackers, viruses and other malwares. An effective Network Intrusion Detection (NID) is critical before a threat affects end user machines and it leads to many financial and national security problems. As the number of threats and network speed increases, the conventional software based NID system users must choose between protection or higher data rates. As a result there has been a move towards custom hardware implementation of network intrusion detection which can have significantly higher throughput. To ensure the highest throughput bloom filters can be used. Bloom filter is an efficient data structure for hardware-based string matching. Bloom filter offers a mechanism to search for a large number of strings efficiently and concurrently when implemented with Field Programmable Gate Array (FPGA) technology. In this work an innovative architecture to realize string matching algorithm with a hardware accelerator using counting bloom filter have been proposed. The algorithm allows skipping characters not in a match in the text, and in turn simultaneously inspects multiple characters. Bloom filter stores a compact randomized representation of the threat-database, allowing for a number of advantages over traditional hash tables which have a large amount of overhead and require enough memory to store the full threat-database. The basic bloom filter can be improved into a counting bloom filter which allows reprogramming the filter by number of times depends upon the counter value and gives more flexibility. The proposed system will be designed using VHDL (Very High Speed Integrated Circuits Hardware Descriptive Language) and will be implemented using FPGA (Field Programmable Gate Array).
关键词：Counting Bloom Filter; FPGA; NIDS; VHDL