Abstract
This paper introduces a novel FPGA-based signature match co-processor that can serve as the core of a hardware-based network intrusion detection system (NIDS). The key feature of the signature match co-processor is an architecture based on the shift-or algorithm, which employs simple shift registers, or-gates, and ROMs where patterns are stored. As compared with related work, experimental results show that the proposed work achieves higher throughput and less hardware resource in the FPGA implementations of NIDS systems.
Original language | English |
---|---|
Pages (from-to) | 1229-1239 |
Number of pages | 11 |
Journal | Journal of Information Science and Engineering |
Volume | 24 |
Issue number | 4 |
Publication status | Published - 2008 Jul |
Keywords
- FPGA implementation
- Network intrusion detection system
- Pattern matching
- Shift-or algorithm
- String searching
ASJC Scopus subject areas
- Software
- Human-Computer Interaction
- Hardware and Architecture
- Library and Information Sciences
- Computational Theory and Mathematics