
Design and Implementation of High-Performance Intrusion Detection System

  • Conference paper
Computational Science and Its Applications – ICCSA 2004 (ICCSA 2004)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3046)

Abstract

The rapid expansion of inexpensive computer networks has increased the problem of unauthorized access to and tampering with data. In response to these growing threats, many Network-based Intrusion Detection Systems (NIDSs) have been developed, but current NIDSs are barely capable of real-time traffic analysis on Fast Ethernet links. As network technology advances, Gigabit Ethernet has become the de facto standard for large network installations. There is therefore an emerging need for security analysis techniques that can keep up with the increased network throughput. We have worked to design and implement a high-speed IDS that runs as a lower branch of our system, the 'Network Security Control System (NSCS)'. Our IDS, the 'Security Gateway System (SGS)', uses a pattern-matching approach implemented in FPGA (Field Programmable Gate Array) logic and kernel logic as its detection mechanism, which can be applied to Gigabit Ethernet links. In this paper, we briefly introduce the overall architecture of our system, which is designed to perform intrusion detection on high-speed links. We then present the efficient detection mechanism that is carried out through the cooperation of FPGA logic and kernel logic. In other words, we focus on the network intrusion detection mechanism applied in a lower branch of our system.




Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, BK., Kim, IK., Kim, KY., Jang, JS. (2004). Design and Implementation of High-Performance Intrusion Detection System. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3046. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24768-5_63


  • DOI: https://doi.org/10.1007/978-3-540-24768-5_63

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22060-2

  • Online ISBN: 978-3-540-24768-5

  • eBook Packages: Springer Book Archive
