針對基於硬體實作網路入侵偵測系統效能評估之系統層級模擬架構

網路入侵偵測系統是一套用來保護電腦不受到惡意使用者的攻擊的受歡迎的安全軟體。基於硬體實作的網路入侵偵測系統使用各種硬體加速器來增加效能，但是傳統的設計方法已經無法滿足設計複雜度快速成長的單晶片系統設計。在這篇論文，我們提出一個基於電子系統層級(Electronic System Level)軟體，ARM RealView SoC Designer的系統層級模擬架構。這個提出的模擬架構既可以更早地驗證網路入侵偵測系統，也可以更容易地評估各種不同架構的網路入侵偵測系統的效能。以這個模擬架構為基礎，我們實作兩個例子，一個是基於軟體實作的MyIDS；另一個是基於硬體實作的HASH HPMM(硬體模式匹配模組 hardware pattern matching module)，並且和Snort比較效能。從實驗的結果可以得知，這個模擬架構可以很容易地評估網路入侵偵測系統的效能並且很快地找出較好的設計。

關鍵字

網路入侵偵測系統；電子系統層級；模式匹配

並列摘要

The network intrusion detection system (NIDS) is a popular security tool to protect computers to from attacks by malicious users. A hardware-based NIDS uses several hardware accelerators to increase performance, but traditional design methodology does not satisfy the rapidly growing design complexity of SoC design. In this thesis, we propose a system-level simulation framework based on an ESL (Electronic System Level) tool, ARM RealView SoC Designer. The proposed framework can verify NIDS early and evaluate performance of various architectures easily. Based on this framework, we implement two cases, software-based MyIDS and hardware-based HASH HPMM (hardware pattern matching module), and compare their performance with Snort. The experimental results show that the simulation framework can evaluate performance of NIDS easily and find better design quickly.

並列關鍵字

intrusion detection system ； electronic system level ； pattern matching

參考文獻

[3]. A. V. Aho and M. J. Corasick. “Efficient string matching: an aid to

[5]. R. S. Boyer and J. S. Moore. “A fast string searching algorithm,”

International Symposium on Field Programmable Gate Arrays, 2006.

“A Hardware Platform for Network Intrusion Detection and Prevention,” In

136-145, 2004.

國際替代計量

針對基於硬體實作網路入侵偵測系統效能評估之系統層級模擬架構

未授權

主題瀏覽