| The future direction for IDS (Intrusion Detection System) is FPGA-based. Network packet classification pays an important role in IDS.In this paper, we first introduce the FPGA technology and its application in information security, next we introduce IDS and FPGA technology used in IDS. We analyze several famous network packet classification algorithm, including software packet classification,BV algorithm,Tree Bitmap algorithm and port range algorithm.We lay a fame work of network packet classification based on FPGA technology and realize the frame work. During the implementation, we introduce an algorithm for packet classification combining TCAM and normal RAM. We use RAM to store the mapping of the rule set, through TCAM matching and rule set mapping, we can easily get the matching result. We also discuss how to optimize the rule set. In addition, we also discuss how to abstract rule from the Snort rule set and normalize them.Finally, we stimulate the packet classification components on Quartus II, and compare the experimental result with other famous classification algorithm. Result shows that our design is better than other algorithm on matching speed and update speed. but it also have disadvantage on space used and cost. |
PDF Full Text Request