簡易檢索 / 詳目顯示

研究生: 黃威智
Wen-Jihi Hwang
論文名稱: 在可程式化系統晶片中實現網路入侵偵測系統之高效能封包分類與比對電路
指導教授: 黃文吉
Hwang, Wen-Jyi
學位類別: 碩士
Master
系所名稱: 資訊工程學系
Department of Computer Science and Information Engineering
論文出版年: 2007
畢業學年度: 95
語文別: 中文
論文頁數: 74
中文關鍵詞: FPGA實作網路入侵偵測系統低硬體資源消耗高效率
英文關鍵詞: FPGA implementation, Network intrusion detection system, lowarea cost, High throughput
論文種類: 學術論文
相關次數: 點閱:159下載:1
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報
  • 本論文中所呈現的是在FPGA上實現一個非常有效率的header classification circuit,並且能夠運用於網路入侵偵測系統。Header classification circuit利用一些簡單的shift register與symbol encoder,即可以達到快速且精確的封包檔頭比對。並且與其他現有的電路做比較之後,顯示我們所設計的電路,運用於網路入侵偵測系統並且實作在FPGA上,可以符合高效率與低硬體資源消耗。

    An efficient FPGA-based header classification circuit is proposed for network intrusion detection system (NIDS). The circuit is based on simple shift registers and symbol encoders for the fast packet header classification in hardware. As compared with related work, experimental results show that the proposed work achieves higher throughput and less hardware resource in the FPGA implementations of NIDS systems.

    附圖目錄..................................................vii 附表目錄...................................................xi 第一章 緒論...............................................1 1.1 研究背景...........................................1 1.2 研究動機............................................7 1.3 研究目的............................................8 1.4 全文架構............................................9 第二章 理論背景與基礎電路架構介紹............................10 2.1 理論背景...........................................10 2.1.1 Regular Expression................................10 2.1.2 Content Addressable Memory(CAM) ..................12 2.1.3 Ternary Content Addressable Memory(CAM) ..........14 2.1.4 Shift-or Algorithm................................16 2.2 基礎電路架構介紹....................................19 2.2.1 ROM-based Architecture............................19 2.2.2 Shift-or circuit based on symbol encoder..........24 第三章 高效能封包分類與比對電路..............................29 3.1 簡介..............................................29 3.2 基本電路...........................................30 3.3 高效能電路.........................................35 第四章 實驗數據與效能比較...................................46 4.1 開發平台與測試環境.................................46 4.2 測試結果與討論....................................49 第五章 結論.......................................61 參考著作..................................................62

    [1] M. Aldwairi, T. Conte and P. Franzon, "Con_gurable string matching hardware for speeding up intrusion detection," ACM SIGARCH Computer Architecture News,Vol.
    33, pp.99-107, 2005.

    [2] R. Baeza-Tates and G.H. Gonnet, "A new approach to text searching," Communications of the ACM, Vol. 35, pp.74-82, 1992.

    [3] C. Clark and D. Schimmel, "Scalable multi-pattern matching on high speed networks," Proceedings of the IEEE Symposium on Field- Programmable Custom Computing Machines, pp.249-257, 2004.

    [4] Y.H. Cho and W.H. Mangione-Smith, "Deep packet filter with dedicated logic and read only memories," Proceedings of the IEEE Symposium on Field- Programmable Custom Computing Machines, pp.125-134, 2004.

    [5] V. Dimopoulos, G. Papadopoulos, and D.Pnevmatikatos,"On the importance of header classification in hw/sw network intrusion detection systems," Proceedings of the 10th Panhellenic Conference on Informatics, 2005.

    [6] T. Ramirez and C. D. Lo, "Rule Set Decomposition for Hardware Network Intrusion Detection," in the 2004 International Computer Symposium (ICS 2004),Dec.15-17,
    2004, Taipei, Taiwan, 2004.

    [7] H.C. Roan, C.M. Ou, W.J. Hwang and C.T.D.Lo, "Efficient Logic Circuit for Network Intrusion Detection," Lecture Notes in Computer Science, Vol. 4096,pp.776-784, 2006.

    [8] J. Singaraju, L. Bu and J. A. Chandy, "A signature match processor architecture for network intrusion detection," Proceedings of the IEEE Symposium on Field-
    Programmable Custom Computing Machines, pp.235-242, 2005.

    [9] H. Song and J. Lockwood, "Efficient packet classification for network intrusion detection using FPGAs," Proceedings of the IEEE Symposium on Field-
    Programmable Gate Arrays, pp.238-245, 2005.

    [10] I. Sourdis and D. N. Pnevmatikatos, "Pre-decoded CAMs for efficient and highspeed NIDS pattern matching," Proceedings of the IEEE Symposium on Field-Programmable Custom Computing Machines, pp. 258-267, 2004.

    [11] SNORT o_cial web site. http://www.snort.org.

    [12] ALTER official web site. http://www.altera.com

    [13] B. L. Hutchings, R. Franklin & D. Carver.(2002). "Assisting network intrusion detection with reconfigurable hardware."Proceedings of the IEEE Symposium on
    Field-Programmable Custom Computing Machines, 111–120.
    [14] M. Gokhale, D. Dubois, A. Dubois, M. Boorman, S. Poole & V.Hogsett. (2002). "Granidt: towards gigabit rate network intrusion detection technology." Proceedings of the International Conference on Field Programmable Logic and Application,404–413.

    [15] J. Moscola, J. W. Lockwood, R. P. Loui & M. Pachos. (2003)."Implementation of a content-scanning module for an internet firewall." Proceedings of the IEEE Symposium on Field-Programmable Custom Computing Machines, 31–38.

    [16] Huang-Chun Roan. "A High Performance Circuit Design Applied to Network Intrusion Detection System on a SoPC Platform." National Taiwan Normal University. Graduate Institute of Computer Science and Information Engineering. July 2006.

    QR CODE