TITLE:
High Speed and Low Power Architecture for Network Intrusion Detection System
AUTHORS:
Palanisamy Brindha, Athappan Senthilkumar
KEYWORDS:
Intrusion Detection, Bloom Filter, Counting Bloom Filter, False Positive
JOURNAL NAME:
Circuits and Systems,
Vol.7 No.8,
June
8,
2016
ABSTRACT: The tremendous growth in the field of modern communication and network systems places demands on the security. As the network complexity grows, the need for the automated detection and timely alert is required to detect the abnormal activities in the network. To diagnose the system against the malicious signatures, a high speed Network Intrusion Detection System is required against the attacks. In the network security applications, Bloom Filters are the key building block. The packets from the high speed link can be easily processed by Bloom Filter using state- of-art hardware based systems. As Bloom Filter and its variant Counting Bloom Filter suffer from False Positive Rate, Multi Hash Counting Bloom Filter architecture is proposed. The proposed work, constitute parallel signature detection improves the False Positive Rate, but the throughput and hardware complexity suffer. To resolve this, a Multi-Level Ranking Scheme is introduced which deduces the 13% - 16% of the power and increases the throughput to 23% - 30%. This work is best suited for signature detection in high speed network.