About the FPGA-based NIDS project
Project led by PhD. Tran Ngoc Thinh
What is NIDS?
A Network Intrusion Detection System (NIDS) is a system that detects malicious activity by monitoring network traffic.
The increase in attacks from the Internet like viruses, spam, malwares as well as other malicious activities give rise to the need of protection methods which help protecting user’s system. Network intrusion detection system (NIDS) is one of the solutions that can deeply inspect all payloads of packet. Snort [1] is an open source NIDS which has thousands of rules. Each rule defines an attack signature.
Why is FPGA-based NIDS?
The speed of network has reached several gigabits per second (Gbps) and may be higher in the future. Therefore, software NIDS solutions cannot handle. In addition, every string of bytes of the traffic will be compared with a large number of rules which makes the software solutions skip packet due to the limitation in memory. The other solution is hardware implementations using Programmable Logic Array
(PLA) or Field-Programmable Gate Array (FPGA). These hardware solutions can concurrently matching the incoming packet with multiple signature. Among them, FPGA is the most dedicated solution.