Accelerating IDS Using TLS Pre-Filter in FPGA

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F23%3APU149386" target="_blank" >RIV/00216305:26230/23:PU149386 - isvavai.cz</a>

Nalezeny alternativní kódy

RIV/63839172:_____/23:10133633

Výsledek na webu

<a href="https://ieeexplore.ieee.org/document/10218049" target="_blank" >https://ieeexplore.ieee.org/document/10218049</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/ISCC58397.2023.10218049" target="_blank" >10.1109/ISCC58397.2023.10218049</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Accelerating IDS Using TLS Pre-Filter in FPGA

Popis výsledku v původním jazyce

Intrusion Detection Systems (IDSes) are a widely used network security tool. However, achieving sufficient throughput is challenging as network link speeds increase to 100 or 400 Gbps. Despite the large number of papers focusing on the hardware acceleration of IDSes, the approaches are mostly limited to the acceleration of pattern matching or do not support all types of IDS rules. Therefore, we propose hardware acceleration that significantly increases the throughput of IDSes without limiting the functionality or the types of rules supported. As the IDSes cannot match signatures in encrypted network traffic, we propose a hardware TLS pre-filter that removes encrypted TLS traffic from IDS processing and doubles the average processing speed. Implemented on an acceleration card with an Intel Agilex FPGA, the pre-filter supports 100 and 400 Gbps throughput. The hardware design is optimized to achieve a high frequency and to utilize only a few hardware resources.

Název v anglickém jazyce

Accelerating IDS Using TLS Pre-Filter in FPGA

Popis výsledku anglicky

Intrusion Detection Systems (IDSes) are a widely used network security tool. However, achieving sufficient throughput is challenging as network link speeds increase to 100 or 400 Gbps. Despite the large number of papers focusing on the hardware acceleration of IDSes, the approaches are mostly limited to the acceleration of pattern matching or do not support all types of IDS rules. Therefore, we propose hardware acceleration that significantly increases the throughput of IDSes without limiting the functionality or the types of rules supported. As the IDSes cannot match signatures in encrypted network traffic, we propose a hardware TLS pre-filter that removes encrypted TLS traffic from IDS processing and doubles the average processing speed. Implemented on an acceleration card with an Intel Agilex FPGA, the pre-filter supports 100 and 400 Gbps throughput. The hardware design is optimized to achieve a high frequency and to utilize only a few hardware resources.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20206 - Computer hardware and architecture

Projekt

<a href="/cs/project/VJ02010024" target="_blank" >VJ02010024: Analýza šifrovaného provozu pomocí síťových toků</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2023

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings - IEEE Symposium on Computers and Communications

ISBN

979-8-3503-0048-2

ISSN

—

e-ISSN

—

Počet stran výsledku

7

Strana od-do

436-442

Název nakladatele

IEEE Computer Society

Místo vydání

Tunis

Místo konání akce

Tunis

Datum konání akce

9. 7. 2023

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—