Hardware Efficient Pattern Matching Algorithms and Architectures for Fast Intrusion Detection.
| dc.contributor.advisor | Dr Paul Franzon, Committee Chair | en_US |
| dc.contributor.author | Aldwairi, Monther | en_US |
| dc.date.accessioned | 2010-04-02T18:32:03Z | |
| dc.date.available | 2010-04-02T18:32:03Z | |
| dc.date.issued | 2006-12-08 | en_US |
| dc.degree.discipline | Computer Engineering | en_US |
| dc.degree.level | dissertation | en_US |
| dc.degree.name | PhD | en_US |
| dc.description.abstract | Intrusion detection processors are becoming a predominant feature in the field of network hardware. As demand on more network speed increases and new network protocols emerge, network intrusion detection systems are increasing in importance and are being integrated in network processors. Currently, most intrusion detection systems are software running on a general purpose processor. Unfortunately, it is becoming increasingly difficult for software based intrusion detection systems to keep up with increasing network speeds (OC192 and 10Gbps at backbone networks). Signature-based intrusion detection systems monitor network traffic for security threats by scanning packet payloads for attack signatures. Intrusion detection systems have to run at wire speed and need to be configurable to protect against emerging attacks. This dissertation describes the concept, structure and algorithms for a special purpose hardware accelerator designed to meet those demands. We consider the problem of string matching which is the most computationally intensive task in intrusion detection. A configurable string matching accelerator is developed with the focus on increasing throughput while maintaining the configurability provided by the software intrusion detection systems. A hardware algorithm for efficient data storage and fast retrieval is used to compress, store and retrieve attack signatures. Our algorithms reduce the size of the rules to fit on chip and enables intrusion detection to run at line rates and faster. | en_US |
| dc.identifier.other | etd-12072006-052347 | en_US |
| dc.identifier.uri | http://www.lib.ncsu.edu/resolver/1840.16/3558 | |
| dc.rights | I hereby certify that, if appropriate, I have obtained and attached hereto a written permission statement from the owner(s) of each third party copyrighted matter to be included in my thesis, dis sertation, or project report, allowing distribution as specified below. I certify that the version I submitted is the same as that approved by my advisory committee. I hereby grant to NC State University or its agents the non-exclusive license to archive and make accessible, under the conditions specified below, my thesis, dissertation, or project report in whole or in part in all forms of media, now or hereafter known. I retain all other ownership rights to the copyright of the thesis, dissertation or project report. I also retain the right to use in future works (such as articles or books) all or part of this thesis, dissertation, or project report. | en_US |
| dc.subject | Digital ASIC Design | en_US |
| dc.subject | Network Processors | en_US |
| dc.subject | Network Security | en_US |
| dc.subject | String Matching | en_US |
| dc.subject | FPGA | en_US |
| dc.subject | Hardware Algorithms | en_US |
| dc.subject | Compression Algorithms | en_US |
| dc.subject | Pattern Matching | en_US |
| dc.subject | Snort | en_US |
| dc.subject | Intrusion Detection Systems | en_US |
| dc.title | Hardware Efficient Pattern Matching Algorithms and Architectures for Fast Intrusion Detection. | en_US |
Files
Original bundle
1 - 1 of 1
