High-throughput ASIC design for e-mail and web intrusion detection

Abstract

The malicious attacks adversely affect every user over the Internet. This paper proposes an application-specific integrated circuit (ASIC) design with parallel exact matching (PEM) architecture to accelerate the Snort intrusion detection system (IDS). The PEM is half mesh architecture to compare the Snort rules in parallel. The ASIC named snort rule accelerator (SRA) focuses on the TCP protocol to detect the attacks of e-mail and web applications. As shown in post-layout simulation, the ASIC operated at 435 MHz to perform the needs of high speed with 13.9 Gbps system throughputs. So that it resolves the complexity of information security limitation to manage data received from the 10 Gbps core network.