Research Article Open Access

Reconfigurable Hardware Architecture for Network Intrusion Detection System

A. Kaleel Rahuman1 and G. Athisha1
  • 1 Department of ECE PSNA College of Engineering and Technology, Dindigul, TamilNadu, India

Abstract

Intrusion rule processing in reconfigurable hardware enables intrusion detection and prevention. The use of reconfigurable hardware for network security applications has great strides as Field Programmable Gate Array (FPGA) devices have provided larger and faster resources. This proposes architecture called “BV-TCAM” is presented, which is implemented for an FPGA-based Network Intrusion Detection Systems (NIDS). The BV-TCAM architecture combines the Ternary Content Addressable Memory (TCAM) and Bit Vector (BV) algorithm to effectively compress the data representation and throughput. A tree bitmap implementation of the BV algorithm is used for source and destination port lookup while a TCAM performs lookup for other header fields, which can be represented as a prefix or exact value. With the aid of small embedded TCAM, packet classification can be implemented in relatively small part of the available logic of an FPGA. The BV-TCAM architecture has been modelled by VHDL. Simulations were performed by MODELSIM. This architecture have to be synthesized and implement our design using Xilinx FPGA device.

American Journal of Applied Sciences
Volume 9 No. 10, 2012, 1618-1624

DOI: https://doi.org/10.3844/ajassp.2012.1618.1624

Submitted On: 30 April 2012 Published On: 16 August 2012

How to Cite: Rahuman, A. K. & Athisha, G. (2012). Reconfigurable Hardware Architecture for Network Intrusion Detection System. American Journal of Applied Sciences, 9(10), 1618-1624. https://doi.org/10.3844/ajassp.2012.1618.1624

  • 3,415 Views
  • 3,060 Downloads
  • 3 Citations

Download

Keywords

  • Network Intrusion Detection Systems (NIDS)
  • Bit Vector (BV)
  • Ternary Content Addressable Memory (TCAM)
  • Field Programmable Gate Array (FPGA)
  • reconfigurable hardware