完整後設資料紀錄
DC 欄位語言
dc.contributor.authorRamirez, Timothy
dc.contributor.authorLo, Chia-Tien Dan
dc.date.accessioned2009-06-02T06:40:08Z
dc.date.accessioned2020-05-25T06:41:50Z-
dc.date.available2009-06-02T06:40:08Z
dc.date.available2020-05-25T06:41:50Z-
dc.date.issued2006-10-16T03:38:14Z
dc.date.submitted2004-12-15
dc.identifier.urihttp://dspace.lib.fcu.edu.tw/handle/2377/1443-
dc.description.abstractThis paper describes the work being done to minimize hardware requirements for a hardware-assisted Network Intrusion Detection System(NIDS). This system will use a core Intrusion Detection System(IDS) in a distributed manner. The distribution is beneficial for two reasons. First, the system will not have a single point at which an attacker can direct attack traffic for the purpose of overloading the IDS. Second, due to the number of attacks and corresponding signatures it is not feasible to design a system using programmable hardware that reconnizes all signatures. The NIDS Snort will be augmented by passing the packet matching function to a Field Programmabe Gate Array(FPGA). Snort's rule set consists of tens of hundard of "signatures" and is decomposed to minimize the capacity of FPGAs necessary to implement the entire rule set. The circuit is based on a Finite Automaton where each character represents a state. First, the rules are broken down to common groups that share similar characters. These groups are then used to decompose the entire rule set into logical sets whose patterns can be matched with a simple string matching circuit. After reducing the rule set by taking advantage of character repetition we are left with about 51% of the states necessary to match all of the patterns. This state reduction translates to a smaller circuit used to match all of the patterns and the circuit can be implemented in as few devices as possible.
dc.description.sponsorship大同大學,台北市
dc.format.extent6p.
dc.format.extent337510 bytes
dc.format.mimetypeapplication/pdf
dc.language.isozh_TW
dc.relation.ispartofseries2004 ICS會議
dc.subject.otherInformation Security
dc.titleRule Set Decomposition for Hardware Network Intrusion Detection
分類:2004年 ICS 國際計算機會議

文件中的檔案:
檔案 描述 大小格式 
ce07ics002004000212.pdf329.6 kBAdobe PDF檢視/開啟


在 DSpace 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。