The malicious attacks adversely affect every user over the Internet. This paper proposes an application-specific integrated circuit (ASIC) design with parallel exact matching (PEM) architecture to accelerate the Snort intrusion detection system (IDS). The PEM is half mesh architecture to compare the Snort rules in parallel. The ASIC named snort rule accelerator (SRA) focuses on the TCP protocol to detect the attacks of e-mail and web applications. As shown in post-layout simulation, the ASIC operated at 435 MHz to perform the needs of high speed with 13.9 Gbps system throughputs. So that it resolves the complexity of information security limitation to manage data received from the 10 Gbps core network.

• 出版日期2015
• 单位中国科学院电工研究所