FPGA Based Intrusion Detection System Against Unknown and Known Attacks

  • Conference paper
Agent Computing and Multi-Agent Systems (PRIMA 2006)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 4088)

Abstract

Network intrusion detection systems often rely on matching patterns gleaned from known attacks. While this method is reliable and rarely produces false alarms, it has the obvious disadvantage that it cannot detect novel attacks. Accordingly, an alternative approach that can be combined with pattern matching is needed. We have worked to design and implement a high-speed intrusion detection approach, based on both protocol anomalies and signatures, to detect known and unknown attacks. The approach extracts a set of service fields from the application payload, where many attacks occur, and analyzes the field values to verify an attack. It is implemented on an FPGA (Xilinx Virtex II Pro) device to process packets at gigabit-per-second data rates.

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kang, DH., Kim, BK., Oh, JT., Nam, TY., Jang, JS. (2006). FPGA Based Intrusion Detection System Against Unknown and Known Attacks. In: Shi, ZZ., Sadananda, R. (eds) Agent Computing and Multi-Agent Systems. PRIMA 2006. Lecture Notes in Computer Science, vol 4088. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11802372_97

  • DOI: https://doi.org/10.1007/11802372_97

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-36707-9

  • Online ISBN: 978-3-540-36860-1

  • eBook Packages: Computer Science, Computer Science (R0)
