| The Group |
|
| The Students | |
| Current | |
| Alumni |
|
| The Supervisors |
|
| The Publications |
|
| The Resources |
|
| The Lighter Side |
|
 |
Degrees:
|
|
Research Topic: Network Intrusion Detection System, Hardware/Software Co-Design Thesis Research: An Analysis of a NIDS for Hardware/Software Implementation Having increased from OC-48(2.4Gbps) to OC-192(10Gbps), backbone link speed up to OC-768(40Gbps) is projected, which has boosted the demand for enhanced services provided by applications delivered over the Internet. These applications require routers to deploy new mechanisms in a secure and efficient way. Packet classification, which categorizes packets into different classes, is such an enabling issue that is very important for a variety of applications such as Quality of Service (QoS), Network Intrusion Detection Systems (NIDS), network traffic measurement and monitoring, etcetera. Therefore, various algorithms and architectures for packet classification have been proposed in both the research literature and commercial market. Although both software and hardware have their own advantages, the existing solutions are not able to meet the requirements of efficiency, scalability and low budget at the same time. In this research work, we conduct an analysis of an existing NIDS and present a partitioning scheme with a System-on-Chip (SoC) architecture for a hardware/software co-designed implementation. In our design, the pattern matching module, which cost 17% of the total execution time of Snort [18], is to implement in hardware. This work is a part of a large project that proposes a new hardware/software architecture for high performance packet classification. E-mail: chen.nan@unb.ca Hobbies: I'm a super soccer fan and kind of a cyber-game fan. Thesis Supervisor(s): Eric Aubanel and Ken Kent
|
|
