FPGA based CAM architecture string matching for network intrusion detection
String matching for network processing is the method of analyzing if a particular pattern or signature is observed in the received packet or data. Executing string matching with software approaches could not meet multi-giga bandwidth specifications and very time consuming. A hardware string matching...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2012
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/32102/5/GanChongGimMFKE2012.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utm-ep.32102 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utm-ep.321022017-09-25T03:26:26Z FPGA based CAM architecture string matching for network intrusion detection 2012-06 Gan, Chong Gim TK Electrical engineering. Electronics Nuclear engineering String matching for network processing is the method of analyzing if a particular pattern or signature is observed in the received packet or data. Executing string matching with software approaches could not meet multi-giga bandwidth specifications and very time consuming. A hardware string matching able to speed up the string matching process significantly. The focus of this project is to present hardware CAMs (Content Addressable Memories) based string matching to perform pattern searching process for network intrusion detection (NIDS) applications on Field Programmable Gate Array (FPGA). The hardware pattern matching system is designed and developed in Verilog RTL language targeting the Altera Stratix-III FPGA. The developed string matching system is simulated with Snort NIDS ruleset. Its results are evaluated in terms of the string matching delay and resource utilization. The algorithm is compatible to support flexible signature length and different number of signature sets requirements. The CAM based string matching architecture can be extended to support parallel signatures searching and approximate string matching. 2012-06 Thesis http://eprints.utm.my/id/eprint/32102/ http://eprints.utm.my/id/eprint/32102/5/GanChongGimMFKE2012.pdf application/pdf en public masters Universiti Teknologi Malaysia, Faculty of Electrical Engineering Faculty of Electrical Engineering |
| institution |
Universiti Teknologi Malaysia |
| collection |
UTM Institutional Repository |
| language |
English |
| topic |
TK Electrical engineering Electronics Nuclear engineering |
| spellingShingle |
TK Electrical engineering Electronics Nuclear engineering Gan, Chong Gim FPGA based CAM architecture string matching for network intrusion detection |
| description |
String matching for network processing is the method of analyzing if a particular pattern or signature is observed in the received packet or data. Executing string matching with software approaches could not meet multi-giga bandwidth specifications and very time consuming. A hardware string matching able to speed up the string matching process significantly. The focus of this project is to present hardware CAMs (Content Addressable Memories) based string matching to perform pattern searching process for network intrusion detection (NIDS) applications on Field Programmable Gate Array (FPGA). The hardware pattern matching system is designed and developed in Verilog RTL language targeting the Altera Stratix-III FPGA. The developed string matching system is simulated with Snort NIDS ruleset. Its results are evaluated in terms of the string matching delay and resource utilization. The algorithm is compatible to support flexible signature length and different number of signature sets requirements. The CAM based string matching architecture can be extended to support parallel signatures searching and approximate string matching. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Gan, Chong Gim |
| author_facet |
Gan, Chong Gim |
| author_sort |
Gan, Chong Gim |
| title |
FPGA based CAM architecture string matching for network intrusion detection |
| title_short |
FPGA based CAM architecture string matching for network intrusion detection |
| title_full |
FPGA based CAM architecture string matching for network intrusion detection |
| title_fullStr |
FPGA based CAM architecture string matching for network intrusion detection |
| title_full_unstemmed |
FPGA based CAM architecture string matching for network intrusion detection |
| title_sort |
fpga based cam architecture string matching for network intrusion detection |
| granting_institution |
Universiti Teknologi Malaysia, Faculty of Electrical Engineering |
| granting_department |
Faculty of Electrical Engineering |
| publishDate |
2012 |
| url |
http://eprints.utm.my/id/eprint/32102/5/GanChongGimMFKE2012.pdf |
| _version_ |
1747815921862311936 |