Abstract
Network intrusion detection system (NIDS) is a major research area for security mechanism. In recent years, the demand for digital systems in network field increase due to the development of 4G technology and high network traffic rate. In this paper, we propose a bit-based pattern matching algorithm with unique SRAM architecture for parallel processing. To reduce the bit transitions during matching process state encoded finite-state machines (FSMs) were used which the main core in the pattern is matching process, where a number of states remain constant over pattern length. To avoid synchronization problem over variable rate pattern match unique controllers are used which is driven by adaptive digital phase locked loop (ADPLL). The functionality is proved through the test bench simulation using Modelsim and power efficiency is verified using FPGA synthesis. In this work, memory size requirements are reduced by 8 times with an early detection scheme and the overall throughput rate is attained in the range of 13 Gbps. Finally, the dynamic power consumption is greatly reduced by 7% through gated logic.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Baker, Z. K. and Prasanna, V.K. 2005. A computationally efficient engine for flexible intrusion detection. IEEE Trans. VLSI Syst. 13, 10, 1179–1189.
Dharmapurikar, S, and Lockwood, J. 2006. Fast and scalable pattern matching for network intrusion detection systems. IEEE J. Sel. Areas Comm. 24, 10, 1781–1792.
A. V. Aho, M. J. Corasick, Efficient string matching: an aid to bibliographic search, Comm. of the ACM, Vol. 18, No. 6, pp. 333–340, (1975).
Tuck, N., Sherwood, T., Calder, B., and Varghese, G. 2004. Deterministic memory-efficient string matching algorithms for intrusion detection. In the 23rd Conference of the IEEE Communications Society (Infocomm).
Xu, J., Kalbarczyk, Z., Patel, S., and Iyer, R. K. 2002. Architecture support for defending against buffer overflow attacks. In Workshop on Evaluating and Architecting Systems for Dependability.
I. Sourdis and D. Pnevmatikatos. Fast, large-scale string match for a 10gbps FPGA-based network intrusion. FPL, 2003:880–889, (2003).
http://www.stoimen.com/blog/2012/03/27/computer-algorithms-brute-force-stringmatching.
Boyer, R. S. And Moore, J. S. 1977. A fast string searching algorithm. Communications of the ACM 20, 10, 761–772.
Vasiliadis, G., Polychronakis, M., Antonatos, S., Markatos, E.P. and Ioannidis, S. (2009) Regular expression matching on graphics hardware for intrusion detection. In Kirda, E., Jha, S. and Balzarotti, D. (eds.), RAID 2009, Lecture Notes in Computer Science (vol. 5785), pp. 265–283. Springer, Berlin, Heidelberg.
Ho., J.T.L, and Lemieux, G.G.F. (2008) PERG: a scalable FPGA-based pattern-matching engine with consolidated Bloomier filters. Int. Conf. Field-Programmable Technology, Taipei, Taiwan, December 7–11, pp. 73–80.
L. Tan and T. Sherwood. A high throughput string matching architecture for intrusion detection and prevention. In ISCA ’05: Proceedings of the 32nd annual international symposium on Computer Architecture, pages 112–122, Washington, DC, USA, 2005. IEEE Computer Society.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Nagaraju, S., Sudhakara Reddy, P. (2018). High-Throughput Low-Power Variable Rate Network Intrusion Detection System Using Unique SRAM Controller. In: Satapathy, S., Bhateja, V., Chowdary, P., Chakravarthy, V., Anguera, J. (eds) Proceedings of 2nd International Conference on Micro-Electronics, Electromagnetics and Telecommunications. Lecture Notes in Electrical Engineering, vol 434. Springer, Singapore. https://doi.org/10.1007/978-981-10-4280-5_18
Download citation
DOI: https://doi.org/10.1007/978-981-10-4280-5_18
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-4279-9
Online ISBN: 978-981-10-4280-5
eBook Packages: EngineeringEngineering (R0)