A graphics processing unit based network intrusion detection system with bloom filter pattern matching algorithm

Network Intrusion Detection System (NIDS) is a network security system designed and built to detect malicious packets by monitoring the incoming and outgoing network packets. The computer network speed has now reached Gigabit per second (Gbps) due to rapid development of network hardware technologie...

Full description

Saved in:
Bibliographic Details
Main Author: Ong, Wen Jian
Format: Thesis
Language:English
Published: 2015
Subjects:
Online Access:http://eprints.utm.my/id/eprint/48887/25/OngWenJianMFKE2015.pdf
http://eprints.utm.my/id/eprint/48887/
http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:86752
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Universiti Teknologi Malaysia
Language: English
Description
Summary:Network Intrusion Detection System (NIDS) is a network security system designed and built to detect malicious packets by monitoring the incoming and outgoing network packets. The computer network speed has now reached Gigabit per second (Gbps) due to rapid development of network hardware technologies. This project proposes a Graphics Processing Unit (GPU) based NIDS with Bloom Filter pattern matching algorithm. Bloom Filter is a set of data structures to determine if a given piece of data belongs to a set and it is widely used for the pattern matching applications. The system developed is able to support network packets with TCP, UDP and ICMP protocols. The developed system is simulated with Snort NIDS ruleset version 2.9. Experimental results indicate that the throughput achieved is 3.6 Gbps with a false positive probability of 3.04 x 10-8.