Sciweavers

Share
FPL
2005
Springer

Snort Offloader: A Reconfigurable Hardware NIDS Filter

9 years 4 months ago
Snort Offloader: A Reconfigurable Hardware NIDS Filter
Software-based Network Intrusion Detection Systems (NIDS) often fail to keep up with high-speed network links. In this paper an FPGA-based pre-filter is presented that reduces the amount of traffic sent to a software-based NIDS for inspection. Simulations using real network traces and the Snort rule set show that a pre-filter can reduce up to 90% of network traffic that would have otherwise been processed by Snort software. The projected performance enables a computer to perform real-time intrusion detection of malicious content passing over a 10Gbps network using FPGA hardware that operates with 10 Gbps of throughput and software that needs only to operate with 1 Gbps of throughput.
Haoyu Song, Todd S. Sproull, Michael Attig, John W
Added 27 Jun 2010
Updated 27 Jun 2010
Type Conference
Year 2005
Where FPL
Authors Haoyu Song, Todd S. Sproull, Michael Attig, John W. Lockwood
Comments (0)
books