Network intrusion detection using hardware techniques: A review
Loading...
Authors
Abdulhammed, Razan
Faezipour, Miad
Elleithy, Khaled M.
Issue Date
2016-04
Type
Article
Language
en_US
Keywords
Intrusion detection system , Field-programmable gate array (FPGA) , Graphics processing unit (GPU) , Non-deterministic finite automata (NFA) , Deterministic finite automata (DFA) , Pattern matching , Ternary content addressable memory (TCAM) , Application specific integrated circuit (ASIC) , Multicore processors
Alternative Title
Abstract
The increasing amount of network throughput and security threat makes intrusion detection a major research problem. In the literature, intrusion detection has been approached by either a hardware or software technique. This paper reviews and compares hardware based techniques that are commonly used in intrusion detection systems with a special emphasis on modern hardware platforms such as FPGA, GPU, many-core processors and ASIC. It also provides a detailed comparison between these hardware solution platforms. Our approach to classify modern hardware-based Intrusion Detection System (IDS) techniques is based on the detection approach. In addition, we provide a comparison between the classified detection approaches based on essential criteria such as definition, update process, detection ability, features of the system, and implementation requirements. Finally, a classification tree of hardware-based NIDS platforms is given.
Description
Citation
Publisher
IEEE