| Summary: | 碩士 === 國立中央大學 === 資訊管理研究所 === 98 === Also day by day increases along with Internet''s rapid development in network''s application, the relative network security problem also more and more receives along with network''s popularization takes seriously, compared to then becomes the indispensable foundation protection based on the characteristic to it network intrusion detector. However present network intrusion detector is mostly solid does above the software, is opposite enters high speed transmission in the network today to use insufficiently, and the payload content need more computation loads, it also becomes the software compares to the bottleneck. This research using FPGA platform design network intrusion detector achieves by the Standford University and Xilinx cooperate development''s NetFPGA fast compared to the effect, although IC of design has fast on FPGA , but this platform can use the resources are limited, therefore this research saves the resources consumption by decision tree examine header, depends on it to establish the multi-strings group again to it construction to carry on ratio of the payload to the group to be more right than, and filters out the payload in each string groups by the Bloom Filter which does not have suspicion, and the improvement Karp-Rabin Algorithm calculating method reduces the Bloom Filter to have the rate of false alarm, and achieves multi-matching to it effect, this research by way of the experiment proved that this design indeed may the few resources use achieve fast and the effective ratio to the result.
|
|---|
