以節省記憶體存取為導向之低內建記憶體網路入侵偵測系統設計與實現

Abstract

在本論文中，我們提出了一個以節省記憶體存取為基礎之內低內建記憶體網路入侵偵測系統。我們所提出的入侵偵測系統採用了以下三項技術：(一) 針對外部記憶體的分頁切割法，(二) 雙層級關聯的PIP快取記憶體，(三) 早期的封包過濾機制。經由採用這些技術，我們的系統可以節省記憶體存取並能夠與網路控制器整合。根據實作的結果，我們的系統只需要4.04KB的內建記憶體並擁有2Gbp的偵測速度且在32位元系統最高可以支援4GB的記憶體。

In this work, a low memory access network intrusion detection system (NIDS) with a small on-chip memory is presented. The proposed NIDS employs three techniques: 1) page segmentation scheme in off-chip memory, 2) 2-way set associate pattern information page (PIP) cache, 3) packet pre-filter scheme. By adopting the three techniques, the system can reduce the number of memory accesses and is able to integrate with Ethernet media access controller (MAC). From the implementation result, the proposed NIDS can perform up to 2Gbps intrusion detection speed with only 4.04KB on-chip memory and support up to 4GB memory space in 32-bit system.