Snort Offloader: A Reconfigurable Hardware NIDS Filter

13 years 10 months ago

Download www.arl.wustl.edu

Software-based Network Intrusion Detection Systems (NIDS) often fail to keep up with high-speed network links. In this paper an FPGA-based pre-ﬁlter is presented that reduces the amount of trafﬁc sent to a software-based NIDS for inspection. Simulations using real network traces and the Snort rule set show that a pre-ﬁlter can reduce up to 90% of network trafﬁc that would have otherwise been processed by Snort software. The projected performance enables a computer to perform real-time intrusion detection of malicious content passing over a 10Gbps network using FPGA hardware that operates with 10 Gbps of throughput and software that needs only to operate with 1 Gbps of throughput.

Haoyu Song, Todd S. Sproull, Michael Attig, John W

Real-time Traffic

FPL 2005 | Intrusion Detection | Software-based Network Intrusion | Software-based Nids |

claim paper

» FTSE The FNPLike TCAM Searching Engine

Post Info
More Details (n/a)

Added	27 Jun 2010
Updated	27 Jun 2010
Type	Conference
Year	2005
Where	FPL
Authors	Haoyu Song, Todd S. Sproull, Michael Attig, John W. Lockwood

Comments (0)

Sciweavers

Snort Offloader: A Reconfigurable Hardware NIDS Filter

FPL 2005 | Intrusion Detection | Software-based Network Intrusion | Software-based Nids |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers