Research Of Packet Processing In Gigabit Network Intrusion Prevention System

The fast development of computer network makes our lives more and more convenient. While we are obtaining more and more opportunities from the development of network technology, we have to face with the big challenge of network security. Some technologies and systems have been widely used and deployed, they are playing vital role in network security, such as Firewall, Intrusion Detection System (IDS) and Anti-virus software, etc, but there is still much shortage in network security. On the one hand, the current technologies fall behind the rhythm of network development, that is because of the fast improving network rate and more and more complicate network behaviors; and on the other hand, the technologies have obvious shortcomings in preventing intrusion attack. Therefore, a new technology is strongly needed, and then Intrusion Prevention System (IPS) appears. Especially, Gigabit Network IPS gets much more attentions and will be one of the main technologies in this field. In this thesis, some network security mechanisms are analyzed, and the features, principles, working mode and key techniques are introduced in detail, then a design and implementation scheme of the high efficient and well-performed Gigabit Network IPS is addressed.Gigabit Network IPS is composed of two parts: packet processing and content processing. The main function of packet processing is analyzing protocol, assembling packets, detecting and preventing intrusions in the layer 2-4 of OSI model. Packet processing, which is one of the key techniques of the system, has great influence on performance of the whole system. In this thesis, packet processing in the Gigabit Network IPS is introduced in detail as follows:1. The total solution of the Gigabit Network IPS is introduced in detail, which uses hardware combined with software technology to make sure the performance of IPS, so that it can be run in-line in real time;2. The hardware platform of Gigabit Network IPS is addressed. In this platform, special network processing engine and micro-processor are adopted, which...