BROWSE
Detail
Journal Article
H/W based Stateful Packet Inspection using a Novel Session Architecture
Cited - time in 
Share 
Share
- Authors
- Seung Yong Yoon, Byoung Koo Kim, Jin Tae Oh, Jong Soo Jang
- Issue Date
- 2008-11
- Citation
- International Journal of Computers, v.3, no.2, pp.310-319
- ISSN
- 알수없음
- Language
- English
- Type
- Journal Article
- Abstract
- Stateful Packet Inspection (SPI) remember the previous packet and can thus keep track of the state of the session. SPI was originally developed for Firewall. But recently there are various applications such as VPN, NIDS, Traffic Monitoring, and so on. In this paper we focused on Network Intrusion Detection System (NIDS). Because stateless IDS only look at one packet at a time, a lot of false positive alerts generate during attempt to attack using IDS evasion tool, for example, “stick” or “snot”. To prevent this problem, SPI was employed in NIDS and statefulness of NIDS became very important. But most of existing SPI products are software based solutions which have poor performance in current high-speed internet environment. So, in many cases, the SPI module in NIDS remains inactivated. That is against original purpose. Stateful IDS mainly depends on the performance of processing session table and pattern matching. Pattern Matching has been a lot of studied. But, relatively few studies have been devoted to session processing. It is so difficult that we manage a lot of session state information with limited hardware resources and satisfy high-performance. Therefore, our purpose is to design and implement SPI module in FPGA with new session management architecture. And then we prove that can achieve an efficient and fast stateful intrusion detection that supported up to 1 million sessions with high performance.
- KSP Keywords
- Detection Systems(IDS), False Positive(FP), Hardware Resources, High performance, High-speed internet, Network Intrusion Detection System, Packet inspection, Session management, State information, pattern matching, traffic monitoring