By Topic

FPGA based network intrusion detection using content addressable memories

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Long Bu ; Connecticut Univ., Storrs, CT, USA ; J. A. Chandy

In this paper, we introduce a novel architecture for a hardware based network intrusion detection system (NIDS). Current software-based NIDS are too compute intensive and cannot meet the bandwidth requirements of a modern network. Thus, hardware techniques are desired to speed up network processing. This paper introduces a FPGA based keyword match processor that can serve as the core of a hardware based NIDS. The keyword match processor's key feature is a cellular processor architecture that allows content addressable memory (CAM) to process variable sized keys. These CAMs allow us to perform intrusion detection signature lookup at line speed at rates well past 2 Gbps.

Published in:

Field-Programmable Custom Computing Machines, 2004. FCCM 2004. 12th Annual IEEE Symposium on

Date of Conference:

20-23 April 2004