ETRI-Knowledge Sharing Platform


Details

Conference paper: Design and Implementation of High-Performance Intrusion Detection System
Cited 2 times in Scopus. Downloaded 1 time.
Authors
김병구, 김익균, 김기영, 장종수
Publication date
200405
Source
International Conference on Computational Science and Its Applications (ICCSA) 2004 (LNCS 3046), v.3046, pp.594-602
DOI
https://dx.doi.org/10.1007/978-3-540-24768-5_63
Funded project
04MK1100, Development of a High-Performance Network Information Security System, 손승원
Abstract
The fast extension of inexpensive computer networks has increased the problem of unauthorized access and tampering with data. As a response to increased threats, many Network-based Intrusion Detection Systems (NIDSs) have been developed, but current NIDSs are barely capable of real-time traffic analysis on Fast Ethernet links. As network technology presses forward, Gigabit Ethernet has become the actual standard for large network installations. Therefore, there is an emerging need for security analysis techniques that can keep up with the increased network throughput. We have made an effort to design and implement a high-speed IDS that runs as a lower branch of our system, named 'Network Security Control System (NSCS)'. Our IDS, named 'Security Gateway System (SGS)', uses a pattern-matching approach through FPGA (Field Programmable Gate Array) logic and kernel logic as its detection mechanism, which can be applied to Gigabit Ethernet links. In this paper, we briefly introduce the whole architecture of our system, designed to perform intrusion detection on high-speed links. We then present the efficient detection mechanism that runs through the cooperation of FPGA logic and kernel logic. In other words, we focus on the network intrusion detection mechanism applied in a lower branch of our system. © Springer-Verlag Berlin Heidelberg 2004.
KSP suggested keywords
Computer network, Control systems, Fast extension, Field Programmable Gate Arrays (FPGA), Gigabit Ethernet, High performance, Intrusion Detection Systems (IDSs), Intrusion detection system (IDS), Large network, Matching approach, Network Intrusion Detection