By Topic

SPP-NIDS - A Sea of Processors Platform for Network Intrusion Detection Systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)

A widely used approach to avoid network intrusion is SNORT, an open source network intrusion detection system (NIDS). This work describes SPP- NIDS, a architecture for intrusion detection supporting SNORT rules. SPP-NIDS is attractive to real-world network intrusion detection, due to its scalability, flexibility and performance features. A parameterizable cluster of simple processors provides system scalability. Hardware NIDSs described in the literature often employ hardwired comparators to verify if the incoming network traffic has data potentially containing intrusion attacks. Such NIDSs must be re-synthesized when a new set of rules is available, which happens frequently. In SPP-NIDS, the rule set defining network intrusion patterns is stored in RAM, enabling its straightforward upgrade. The proposed system, when implemented in a 2-million gate FPGA is able to work at a 100 Mbps network data rate, using the complete set of SNORT rules. If more performance is required, it suffices to scale the system, by adding extra processors.

Published in:

18th IEEE/IFIP International Workshop on Rapid System Prototyping (RSP '07)

Date of Conference:

28-30 May 2007