| 高速网络入侵检测系统中包头解析方法 |
| |
| 引用本文: | 肖寅东,王厚军,田书林. 高速网络入侵检测系统中包头解析方法[J]. 仪器仪表学报, 2012, 33(6): 1414-1419 |
| |
| 作者姓名: | 肖寅东 王厚军 田书林 |
| |
| 作者单位: | 电子科技大学自动化工程学院 成都611731 |
| |
| 摘 要: | 针对高速网络传输速度快、协议配置灵活的特点,提出了一种利用硬件进行包头解析的方法。该方法基于有限状态机技术设计四总线框架,可灵活配置多种协议解析模块,解决夹层协议嵌套问题;采用流水线技术优化模块状态迁移任务,使其能够在单时钟周期内完成数据解析与状态管理,提高了包头解析性能。该方法保证了高速网络入侵检测系统的包头解析性能和对可嵌套夹层协议的支持,经过FPGA中综合、布线及静态时序分析,验证该方法具有处理能力强、占用资源少的特点。
|
| 关 键 词: | 高速网络 FPGA 包头解析 可嵌套夹层协议 |
Packet header parsing method in high speed network intrusion detection system |
| |
| Xiao Yindong , Wang Houjun , Tian Shulin. Packet header parsing method in high speed network intrusion detection system[J]. Chinese Journal of Scientific Instrument, 2012, 33(6): 1414-1419 |
| |
| Authors: | Xiao Yindong Wang Houjun Tian Shulin |
| |
| Affiliation: | (School of Automation Engineering,University of Electronic Science and Technology,Chengdu 611731,China) |
| |
| Abstract: | The requirement for deploying network based intrusion detection system(NIDS) in high speed network is analyzed.A packet header parsing method is proposed,which features high transmission throughput and flexible protocol support.Four-bus architecture based on finite state machine(FSM) is applied to support flexible protocols.The FSM module status transition is optimized with pipeline technique in a single clock time,so that the packet header can be parsed in the same pace of input data.This method was implemented and tested in an FPGA,and the result proves that the proposed method not only provides high speed parsing capability,but also supports all kinds of flexible protocols,including shim protocol.Especially,the resource usage of the method is considerably low. |
| |
| Keywords: | high speed network field programmable gate array(FPGA) packet header parser shim protocol |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
