ETRI-Knowledge Sharing Plaform

KOREAN
논문 검색
Type SCI
Year ~ Keyword

Detail

Conference Paper Design and Implementation of High-Performance Intrusion Detection System
Cited 2 time in scopus Share share facebook twitter linkedin kakaostory
Authors
Byoung Koo Kim, Ik Kyun Kim, Ki Young Kim, Jong Soo Jang
Issue Date
2004-05
Citation
International Conference on Computational Science and Its Applications (ICCSA) 2004 (LNCS 3046), v.3046, pp.594-602
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1007/978-3-540-24768-5_63
Abstract
The fast extension of inexpensive computer networks has increased the problem of unauthorized access and tampering with data. As a response to increased threats, many Network-based Intrusion Detection Systems (NIDSs) have been developed, but current NIDSs are barely capable of real-time traffic analysis on Fast Ethernet links. As network technology presses forward, Gigabit Ethernet has become the actual standard for large network installations. Therefore, there is an emerging need for security analysis techniques that can keep up with the increased network throughput. We have made effort to design and implement high-speed IDS that is run as a lower branch of our system named 'Network Security Control System (NSCS)'. Our IDS named 'Security Gateway System (SGS)' has a pattern matching approach through the FPGA (Field Programmable Gate Array) logic and kernel logic as detection mechanism that can be applied to Gigabit-Ethernet links. In this paper, we briefly introduce the whole architecture of our system designed to perform intrusion detection on high-speed links. And then, we present the efficient detection mechanism that is run by cooperation of FPGA logic and kernel logic. In other words, we focus on the network intrusion detection mechanism applied in a lower branch of our system. © Springer-Verlag Berlin Heidelberg 2004.