Reconfigurable Hardware Architecture for Network Intrusion Detection System
- 1 Department of ECE PSNA College of Engineering and Technology, Dindigul, TamilNadu, India
Abstract
Intrusion rule processing in reconfigurable hardware enables intrusion detection and prevention. The use of reconfigurable hardware for network security applications has great strides as Field Programmable Gate Array (FPGA) devices have provided larger and faster resources. This proposes architecture called “BV-TCAM” is presented, which is implemented for an FPGA-based Network Intrusion Detection Systems (NIDS). The BV-TCAM architecture combines the Ternary Content Addressable Memory (TCAM) and Bit Vector (BV) algorithm to effectively compress the data representation and throughput. A tree bitmap implementation of the BV algorithm is used for source and destination port lookup while a TCAM performs lookup for other header fields, which can be represented as a prefix or exact value. With the aid of small embedded TCAM, packet classification can be implemented in relatively small part of the available logic of an FPGA. The BV-TCAM architecture has been modelled by VHDL. Simulations were performed by MODELSIM. This architecture have to be synthesized and implement our design using Xilinx FPGA device.
DOI: https://doi.org/10.3844/ajassp.2012.1618.1624
Copyright: © 2012 A. Kaleel Rahuman and G. Athisha. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
- 3,525 Views
- 3,137 Downloads
- 3 Citations
Download
Keywords
- Network Intrusion Detection Systems (NIDS)
- Bit Vector (BV)
- Ternary Content Addressable Memory (TCAM)
- Field Programmable Gate Array (FPGA)
- reconfigurable hardware