Abstract—Network Intrusion Detection and Prevention Systems (NIDPSs) are vital in the fight against network intrusions. NIDPSs search for certain malicious content in network traffic (i.e., signatures). Comparing all traffic to these signatures is a challenge for high-speed networks. In this paper, we present the implementation of a 10-Gbps hardware NIDPS and related design issues. This goal of signature detection at high-speed is achieved using a single FPGA, without any external memory. We also implemented and tested a proof-of-concept system with 1-Gbps traffic. A database to store and a web server to display the intrusion alerts from the NIDPS were also developed for this system.
N. Sertac Artan, Rajdip Ghosh, Yanchuan Guo, H. Jo