Framework for a NetFPGA-based snort NIDS

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

Network's speed continues to increase at a high rate resulting in massive network traffic. This results in a need to have a high-speed network intrusion detection system (NIDS) to detect malicious traffic. Snort is a software-based NIDS that can run as a single threaded application. However, it may not be able to detect intrusions in real-time especially in networks with high traffic. This paper proposes a two layer framework where Snort will run as a second line of defense and will be executed only when deep payload analysis is needed. To accelerate the efficiency of Snort, the proposed system will dynamically offload the most frequent rules or signatures to a NetFPGA based hardware. The NetFPGA will work as a first line of defense that accelerates the detection by filtering all the traffic looking for intrusions. This will be done by analyzing the captured packet header to match the offloaded rules or signatures.

Original languageBritish English
Title of host publication2014 9th International Symposium on Communication Systems, Networks and Digital Signal Processing, CSNDSP 2014
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages380-383
Number of pages4
ISBN (Electronic)9781479925810
DOIs
StatePublished - 14 Oct 2014
Event2014 9th International Symposium on Communication Systems, Networks and Digital Signal Processing, CSNDSP 2014 - Manchester, United Kingdom
Duration: 23 Jul 201425 Jul 2014

Publication series

Name2014 9th International Symposium on Communication Systems, Networks and Digital Signal Processing, CSNDSP 2014

Conference

Conference2014 9th International Symposium on Communication Systems, Networks and Digital Signal Processing, CSNDSP 2014
Country/TerritoryUnited Kingdom
CityManchester
Period23/07/1425/07/14

Keywords

  • Intrusion detection system
  • NetFPGA
  • Network Security
  • Snort

Fingerprint

Dive into the research topics of 'Framework for a NetFPGA-based snort NIDS'. Together they form a unique fingerprint.

Cite this