Efficient Header Classification Architecture for Network Intrusion Detection
نویسندگان
چکیده
In this paper, an efficient FPGA-based header classification circuit is proposed for network intrusion detection system (NIDS). The circuit is based on simple shift registers and symbol encoders for the fast packet header classification in hardware. As compared with related work, experimental results show that the proposed work achieves higher throughput and less hardware resource in the FPGA implementations of NIDS systems.
منابع مشابه
Code Generation for Packet Header Intrusion Analysis on the IXP1200 Network Processor
We present a software architecture that enables the use of the IXP1200 network processor in packet header analysis for network intrusion detection. The proposed work consists of a simple and efficient run-time infrastructure for managing network processor resources, along with the S2I compiler, a tool that generates efficient C code from highlevel, human readable, intrusion signatures. This app...
متن کاملA Review of Intrusion Detection Defense Solutions Based on Software Defined Network
Most networks without fixed infrastructure are based on cloud computing face various challenges. In recent years, different methods have been used to distribute software defined network to address these challenges. This technology, while having many capabilities, faces some vulnerabilities in the face of some common threats and destructive factors such as distributed Denial of Service. A review...
متن کاملProposing A Distributed Model For Intrusion Detection In Mobile Ad-Hoc Network Using Neural Fuzzy Interface
Security term in mobile ad hoc networks has several aspects because of the special specification of these networks. In this paper a distributed architecture was proposed in which each node performed intrusion detection based on its own and its neighbors’ data. Fuzzy-neural interface was used that is the composition of learning ability of neural network and fuzzy Ratiocination of fuzzy system as...
متن کاملProposing A Distributed Model For Intrusion Detection In Mobile Ad-Hoc Network Using Neural Fuzzy Interface
Security term in mobile ad hoc networks has several aspects because of the special specification of these networks. In this paper a distributed architecture was proposed in which each node performed intrusion detection based on its own and its neighbors’ data. Fuzzy-neural interface was used that is the composition of learning ability of neural network and fuzzy Ratiocination of fuzzy system as...
متن کاملBuilding Balanced Search Tree based on Layered Decision Tree for Packet Classification
Packet classification is an important building block of the Internet routers for many network applications, such as Quality of Service (QoS), security, monitoring, analysis, and network intrusion detection (NIDS). In this paper, we propose a scheme called Layer based Search Tree (LST) to solve multifield packet classification problem. LST improves the traditional decision tree based schemes (e....
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- J. Inf. Sci. Eng.
دوره 25 شماره
صفحات -
تاریخ انتشار 2009