Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Soft and hard combined intrusion detection system and method

An intrusion detection system, a combination of software and hardware technology, applied in the field of network security, can solve problems such as computational complexity

Active Publication Date: 2021-11-26
SHENZHEN FORWARD IND CO LTD
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since the time and space complexity of the rule matching algorithm is closely related to the size of the rule set, the expansion of the IDS feature library brings serious computational complexity problems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Soft and hard combined intrusion detection system and method
  • Soft and hard combined intrusion detection system and method
  • Soft and hard combined intrusion detection system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] The specific embodiments of the present invention are described below so that those skilled in the art can understand the present invention, but it should be clear that the present invention is not limited to the scope of the specific embodiments. For those of ordinary skill in the art, as long as various changes Within the spirit and scope of the present invention defined and determined by the appended claims, these changes are obvious, and all inventions and creations using the concept of the present invention are included in the protection list.

[0058] A combination of software and hardware intrusion detection system, such as figure 1 As shown, including: network interface card, FPGA, tri-state content addressable memory TCAM and CPU, wherein,

[0059] Described network interface card is used for introducing network flow, and the network flow of introduction is sent to FPGA;

[0060] Described FPGA is used for carrying out message parsing and distribution to the n...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a soft and hard combined intrusion detection system, which comprises a network interface card, an FPGA, a ternary content addressable memory (TCAM) and a CPU, and also provides an intrusion detection method based on the system. The FPGA is used for carrying out message analysis on introduced network flow, and the analyzed message is sent to the TCAM. Primary rule matching is performed on the content of the message obtained in the step S2 by utilizing the TCAM, a matching result of a hit rule is fed back to the FPGA, hash shunting is performed on the message of the hit rule according to a source-target IP address of the message, and the message is sent to the CPU for secondary rule matching. Through the above mode, TCAM head and tail table items are used for matching, a CPU flow management module does not need to cache all messages of one flow, all the messages are cached only under the condition that head and tail table entries are hit, and only the current message is cached under the condition that the head and tail table entries are not hit. The memory of the equipment is greatly saved, the overhead of stream recombination is reduced, and the overall processing performance of the equipment is improved.

Description

technical field [0001] The invention relates to the field of network security, in particular to an intrusion detection system and method combining software and hardware. Background technique [0002] With the continuous improvement of network bandwidth and traffic, the performance of IDS implemented by software is difficult to meet the requirements. How to quickly compare the message information with the content in the signature database to detect attack behavior has become the key to affecting the performance of the entire system. [0003] With the continuous emergence of new network intrusion means, the complexity of the IDS signature database is also increasing, and the increasing complexity of the signature database brings about the continuous improvement of processing complexity. Due to the continuous emergence of various new network intrusion methods, the number of IDS rules is also increasing. Since the time and space complexity of the rule matching algorithm is clos...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1408
Inventor 詹晋川张帆周志远张文
Owner SHENZHEN FORWARD IND CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products