跳到主要內容

臺灣博碩士論文加值系統

(3.231.230.177) 您好!臺灣時間:2021/07/27 14:40
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:張凱焯
研究生(外文):Kai-tso Chang
論文名稱:利用處理器陣列架構的侵入式偵測系統
論文名稱(外文):Processor Array Architectures for Intrusion Detection System
指導教授:張燕光
指導教授(外文):Yeim-kuan Chang
學位類別:碩士
校院名稱:國立成功大學
系所名稱:資訊工程學系碩博士班
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2009
畢業學年度:97
語文別:英文
論文頁數:68
中文關鍵詞:網路侵入式偵測系統字串比對處理器陣列
外文關鍵詞:NIDSprocessor arraypattern matching
相關次數:
  • 被引用被引用:0
  • 點閱點閱:69
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
在最近幾年,有越來越多的惡意攻擊與電腦病毒散佈在網路上。因此,我們需要一個可靠的系統來保護我們的電腦。網路侵入式偵測系統(NIDS)藉由事先定義好的規則來找出這些惡意攻擊。因為字串比對是網路侵入式偵測系統中最主要的部份,我們應該要提供一個有效率且快速的字串比對方法。傳統的字串比對方法是軟體的演算法。然而,以軟體為基礎的網路侵入式偵測系統只能達到較低的速度。隨著網路的快速成長,軟體的解決方法已經不足以應付現今的網路速度。因此,我們發展網路侵入式偵測系統在具有速度優勢的FPGA上。
在這篇論文中,我們使用FPGA替網路侵入式偵測系統發展了一個有效的管線化架構並且擁有快速以及高效能等優點。我們所提的架構改進了Gebali et. al.所提的單一字元字串比對處理器陣列的架構。我們也實做了多字元的架構來增進我們設計的架構的產能。模擬的結果是實做在ertex-5 XC5VLX330T FPGA 晶片上我們的架構在速度上與Gebali et. al.所提的最好的設計2.a相同。但是比起設計2.a我們可以改進百分之二十三的成本。多字元架構的產能能夠達到11.9Gbps。
In recent year, more and more attacks and viruses have spread our the internet. Thus, we need a reliable system to protect our computers. Network Intrusion Detection System (NIDS) is a system developed for identifying attacks by using a set of rule. Because pattern matching is the main part of NIDS, we should provide an efficient and fast pattern matching design. Traditional NIDS using software-based pattern matching design only achieves low throughputs which can not sustain the high speed networks with the fast growth of the internet nowadays.
In this paper, we develop an efficient pipelined architecture for NIDS using FPGA that features the fast-prototyping and high-performance advantages. The proposed architecture improves the processor array design for single-character pattern matching proposed by Gebali et. al. [9]. We also developed the multi-character pipelined architecture to improve the throughput. The simulation results conducted on Vertex-5 XC5VLX330T FPGA chip show that the proposed single-character design has the same speed as the design 2.a, the best design proposed by Gebali et al. [9], but is 23% better than design 2.a in terms of chip area. The proposed 4-character design can achieve a throughput of 11.9 Gbps.
Chapter 1 Introduction.....................1
1.1 Motivation.............................1
1.2 Snort..................................2
1.3 Pattern Matching Problem...............3
Chapter 2 Related Works......................................4
2.1 Software-based solutions...............4
2.1.1 Knuth-Morris-Pratt algorithm..................................4
2.1.2 Aho-Corasick algorithm...............5
2.2 FPGA solution..........................7
2.2.1 Processor array......................8
2.2.2 The algorithm for string matching and its dependence graph......................................8
2.2.3 Timing function.....................10
2.2.4 Dependence Graph Node Projection................................12
2.2.5 Three scheduling vectors...................................13
2.2.6 Design 1 : using scheduling vector [1 1]........................................13
2.2.7 Comparing Design 1.a and 1.b.......................................19
2.2.8 Design 2 using scheduling vector [1 -1]........................................20
2.2.9 Comparing Design 2.a, 2.b and 1.a.......................................25
2.2.10 Design 3 using scheduling vector [1 0]........................................26
2.2.11 Design 3.a and Design 2.a.......................................29
Chapter 3 Proposed Architecture..............................30
3.1 Motivation............................30
3.2 Architecture for scheduling vector [2 X]........................................30
3.3 Analysis of area cost on difference designs...................................33
3.4 Proposed design : using scheduling vector [1 2]........................................37
3.4.1 Proposed design a : using projection matrix [0 1]........................................41
3.4.2 Proposed design b : using projection matrix [1 0]........................................44
3.4.3 Proposed design c and d : using projection matrix [1 1] and [1 -1].............................46
3.5 Multi-character architecture..........49
3.5.1 Multi-character architecture : using projection matrix [0 1].....................................53
3.5.2 Using projection matrix [1 0], [1 1] and [1 -1]........................................55
3.6 Improved architecture.................56
Chapter 4 FPGA Implementation.............58
4.1 Environment...........................58
4.2 Simulation results....................58
Chapter 5 Conclusions and Further Works.....................................65
[1] A. Aho and M. Corasick, “Efficient string matching: An aid to bibliographic search,” Communications of the ACM, vol. 18, no. 6, pp.333-343, June 1975.
[2] Z. K. Baker and V. K. Prasanna “A Computationally Efficient Engine for Flexible Intrusion Detection” In IEEE Transactions on Very Large Scale Integration (VLSI) System, Vol. 13, No. 10, October 2005.
[3] Z. K. Baker and V. K. Prasanna “Automatic Synthesis of Efficient Intrusion Detection Systems on FPGAs” In IEEE Transactions no Dependable and Secure Computing, Vol. 3, No. 4, October-December 2006.
[4] C. R. Clark and D. E. Schimmel. “Scalable Pattern Matching for High Speed Networks” In IEEE Symposium in Field-Programmable Custom Computing Machines,(FCCM), Napa, CA, Apr. 2004.
[5] Yeim-Kuan Chang, Ming-Li Tsai and Yu-Ru Chung, “Multi-Character Processor Array for Pattern Matching in Network Intrusion Detection System” In IEEE 22nd International Conference on Advanced Information Networking and Applications (AINA) 2009
[6] Fayez Gebali, Senior Member and A.N.M. Ehtesham Rafiq, “Processor Array Architecture for Deep Packet Classfication”, In IEEE Transactions on Parallel and Distributed Systems, Vol. 17, No. 3, March 2006
[7] F. El-Guibaly and A. Tawfik, “Mapping 3D IIR Digital Filter onto Systolic Arrays,” Multidimensional Systems and Signal Processing, vol. 7,no. 1,pp. 7-26, Jan1996.
[8] Jian Huang, Zongkai Yang, Xu Du, and Wei Liu, “FPGA based High speed and low area cost pattern matching” In IEEE TENCON 2005.
[9] D. E. Kunth, J. H. M. Jr.,and V.R. Pratt, “Fast Pattern Matching in Strings” SIAM J.
68
Comput., vol. 6, no. 2, pp.323-350, June 1977.
[10] C. H. Lin, C. T. Huang, C. P. Jiang and S. C. Chang “Optimization of Pattern Matching Circuits for Regular Expression on FPGA” In IEEE Transactions on Very Scale Integration (VLSI) System, Vol. 15, No. 12, December 2007.
[11] J. Singaraju, L. Bu and J. A. Chandy, “A Signature Match Processor Architecture for Network Intrusion Detection.” In Proceedings of the 13th Annual IEEE Symposium on Field-Programmable Custom Computing Matchine, 2005.
[12] R. Nidhu and V. K. Prasanna, “Fast Regular Expression Matching Using FPGAs,“ In Proceedings of the 9th Annual IEEE Nymposium on Field-Programmable Custom Computing Machines (FCCM’01), pages 227–238, Rohnert Park, CA, UNA, May 2001.
[13] Snort-the de Facto Standard for Intrusion Detection/Prevention, [Online]. Available: www.snort.org
[14] I Sourdis and D. Pnevematikatos. “Pre-decoded CAMs for efficient and high-speed NIDS pattern matching.” In IEEE Sympsium on Field-Programmable Custom Computing Machines, (FCCM), Napa, Ca, Apr. 2004.
[15] I Sourdis and D. Pnevematikatos. “Scalable Multigigabit Pattern Matching for Packet Inspection” In IEEE Transactions on Very Large Scale Integration (VLSI) System, Vol. 16, No. 2, February 2008.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top