To search, Click below search items.


All Published Papers Search Service


Architecture and Mechanisms for Implementing an FPGA-based Stateful Intrusion Detection System


Jin-Tae Oh, Byoung-Koo Kim, Seung-Yong Yoon, Jong-Soo Jang, Yong-Hee Jeon


Vol. 7  No. 5  pp. 110-117


This paper proposes Gigabit IDS to detect and respond against various attacks on high-speed links. Our proposed system has hardware-based stateful intrusion detection architecture that can provide the high-performance detection mechanism. It is possible through the pattern matching and heuristic analysis functions that are processed in FPGA Logic. In this paper, we propose architecture designed to perform intrusion detection on high-speed links with reduced false positive rates. We then present the efficient detection mechanisms for the FPGA-based Reconfiguring Hardware. It is revealed that the prototype has a consistent performance with varying traffic level.


IDS(Intrusion Detection System), network security, SPI(Stateful Packet Inspection), Pattern Matching