Anand, T and Varghese, Kuruvilla and Waghela, Yagnesh (2011) A scalable network port scan detection system on FPGA. In: 2011 International Conference on Field-Programmable Technology (FPT), 12-14 Dec. 2011, New Delhi.
PDF
Int_Con_Fie_Prog_ Tech_1_2011.pdf - Published Version Restricted to Registered users only Download (1MB) | Request a copy |
Abstract
With ever increasing network speed, scalable and reliable detection of network port scans has become a major challenge. In this paper, we present a scalable and flexible architecture and a novel algorithm, to detect and block port scans in real time. The proposed architecture detects fast scanners as well as stealth scanners having large inter-probe periods. FPGA implementation of the proposed system gives an average throughput of 2 Gbps with a system clock frequency of 100 MHz on Xilinx Virtex-II Pro FPGA. Experimental results on real network trace show the effectiveness of the proposed system in detecting and blocking network scans with very low false positives and false negatives.
Item Type: | Conference Paper |
---|---|
Publisher: | IEEE |
Additional Information: | Copyright of this article belongs to IEEE. |
Department/Centre: | Division of Electrical Sciences > Electronic Systems Engineering (Formerly Centre for Electronic Design & Technology) |
Date Deposited: | 07 Mar 2013 12:19 |
Last Modified: | 07 Mar 2013 12:19 |
URI: | http://eprints.iisc.ac.in/id/eprint/45930 |
Actions (login required)
View Item |