TCP-stream reassembly and state tracking in hardware
Keywords
PROGRAMMABLE LOGIC; TCP/IP; SECURITY
Abstract
In this paper we consider a new approach to network intrusion detection. Conventional network intrusion detection systems (NIDS) are software based. We propose to selectively implement portions of the functionality of a state-of-the-art software NIDS in reconfigurable hardware. This increases performance even under hostile loads and will enable efficient intrusion detection in future multi-gigabit networks. Specifically, we consider the problem of TCP-stream reassembly. We present a highperformance TCP stream reassembly and state tracking module targeted for incorporation into an agile reconfigurable network interface based on Xilinx Virtex technology.
Year
2002
Reference entry
Necker, M.C.; Contis, D.; Schimmel, D. TCP-stream reassembly and state tracking in hardware
Proceedings of the IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM 2002), Napa, CA, April 2002, pp. 286-287