SoC-based abnormal ethernet packet detector with automatic rule-set generator Online publication date: Fri, 22-Apr-2022
by Jiwoong Kang; Jaehyun Park
International Journal of Information and Computer Security (IJICS), Vol. 17, No. 3/4, 2022
Abstract: The importance of a high performance network intrusion detection system (NIDS) has rapidly increased in the modern complex computer network. In order to keep up with the increasing demand for high performance in the fast network, a hardware-based rather than software-based NIDS is necessarily required. In this paper, a system on chip (SoC)-based ethernet packet detector that supports an automatic ruleset generator is proposed. The proposed ruleset generator automatically constructs the whitelist ruleset from the collected ethernet packets. The whitelist ruleset is composed of 6-tuples; MAC address, IP address, and TCP/UDP port number of source and destination network nodes, which has been widely used by the commercial NIDS software. The prototype system has been implemented using the Xilinx's Zynq-7030 SoC running at 250 MHz. The network header of the ethernet packets is compared to the 256 whitelist ruleset within 0.032 μsec, which means that the malicious packets from the abnormal network nodes are filtered out even before the whole packets arrives.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Information and Computer Security (IJICS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook