SBIR-STTR Award

Hardware Support for 10 Gbps Intrusion Detection
Award last edited on: 1/24/2006

Sponsored Program
SBIR
Awarding Agency
NSF
Total Award Amount
$597,513
Award Phase
2
Solicitation Topic Code
-----

Principal Investigator
Livio Ricciulli

Company Information

Metanetworks Inc

1975 Hamilton Avenue Suite 30
Milpitas, CA 95035
(408)965-5198
N/A
www.metanetworks.org
Location: Single
Congr. District: 17
County: Santa Clara

Phase I

Contract Number: ----------
Start Date: ----    Completed: ----
Phase I year
2003
Phase I Amount
$99,308
This Small Business Innovation Research (SBIR) Phase I research project addresses the need of business and government organizations to monitor and protect their high-speed electronic networks. Current network intrusion detection technologies are based on software or network processors, both of which are essentially serial in nature and cannot meet the speed requirements of 10 Gbps networks. The proposed research intends to demonstrate the feasibility of using a novel, massively parallel architecture specifically designed for high-speed intrusion detection. The objective of this project is to take an existing intrusion detection acceleration design implemented for a 1 Gbps network and extend it to meet 10 Gbps requirements. Specifically, this research outlines a path to (1) determine the proper architecture extension needed to achieve 10 Gbps throughput, (2) create the actual logic design, and (3) perform simulation to prove that the design can indeed handle 10 Gbps. It is anticipated that the research will show that an extension of the architecture can indeed handle 10 Gbps. An eventual application is to deploy the hardware detection engine in a complete intrusion detection solution and enable the solution to operate in a live 10 Gbps network. Today's networks are still vulnerable to hackers, cyber criminals, and cyber terrorists. An architecture which can scale with both (1) the increase in the number and complexity of signatures and (2) the increase in network speeds is needed not only to meet today's security needs, but also to lay the groundwork for future intrusion detection and other network surveillance systems. Network managers will be able to upgrade the security of their networks in a shorter period of time and at a lower cost.

Phase II

Contract Number: ----------
Start Date: ----    Completed: ----
Phase II year
2005
Phase II Amount
$498,205
This Small Business Innovation Research (SBIR) Phase II project will build on the performance breakthroughs achieved by applying a Multiple Instruction Single Data (MISD) processing model to high-speed Intrusion Detection and Prevention System (IDPS) hardware. A multiple-chip implementation of the MISD processing model will further demonstrate the scalability and cost-effectiveness of the technology by increasing IDPS processing capacity while reducing the cost of the existing system. Current line-speed stateful computations are limited by the cost and scalability of currently available content addressable memories. Ideas derived from memory caching architectures will be adapted to build a novel memory subsystem specifically designed to cost-effectively support critical, stateful, 10 Gbps security applications such as TCP stream reassembly and protocol normalization. Finally, the development of open-source interfaces will extend the use of these innovations to a large community of users who will certainly contribute to the advancement of IDPS technology through inter-organizational collaborative efforts. Next-generation applications require high-speed network connectivity. For example, supercomputer clustering, medical image delivery, data storage networking, video conferencing, and tele-presence applications all need 10 Gigabit and higher speeds. Unfortunately, public and private communication infrastructures are today being destabilized by security compromises. Network viruses, worms and other attacks can propagate very quickly over the Internet and private networks, disabling commerce and resulting in significant productivity loss. The ability to detect and prevent these attacks from traveling through high-speed links is a crucial requirement for fostering the adoption of such links across organizational boundaries.
Without proper intrusion detection and prevention, high-speed links will expose information systems to severe attacks and limit the commercial viability and far-reaching benefits of high-bandwidth, next-generation applications. This Phase II project will dramatically improve the cost-effectiveness, openness and scalability of high-speed IDPS technology. This will facilitate a broader use of inter-organizational, high-speed connectivity and impact social, economic and educational progress.
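As an added illustration of what the MISD model means for signature matching (example code written for this page, not Metanetworks' design or code): every processing element (PE) holds a different "instruction", here one signature compiled into a KMP-style byte automaton, and every PE receives the same input byte each cycle. The cycle count therefore grows with the packet length, not with the number of signatures, which is the property the Phase I and Phase II abstracts rely on for scaling to 10 Gbps. The signature names, patterns and the sample request are constructed for this example; the serial baseline is a plain software scan for comparison.

```python
"""
Software model of an MISD signature-matching array (added example,
not Metanetworks' code).  Each PE runs its own signature automaton;
misd_scan broadcasts one byte per cycle to all PEs.  In hardware the
inner loop over PEs executes concurrently in a single cycle.
"""
from dataclasses import dataclass, field


@dataclass
class PE:
    """One processing element: a KMP automaton for a single byte pattern."""
    name: str
    pattern: bytes
    fail: list = field(init=False)
    state: int = 0

    def __post_init__(self):
        # Standard KMP failure function so partial/overlapping matches
        # are tracked without rescanning earlier bytes.
        p, f, k = self.pattern, [0] * len(self.pattern), 0
        for i in range(1, len(p)):
            while k and p[i] != p[k]:
                k = f[k - 1]
            if p[i] == p[k]:
                k += 1
            f[i] = k
        self.fail = f

    def step(self, byte: int) -> bool:
        """Consume one byte; return True when the pattern just completed."""
        p = self.pattern
        while self.state and byte != p[self.state]:
            self.state = self.fail[self.state - 1]
        if byte == p[self.state]:
            self.state += 1
        if self.state == len(p):
            self.state = self.fail[self.state - 1]  # keep overlap state
            return True
        return False


# Constructed sample signatures (names and patterns invented for the example).
SIGNATURES = [
    ("shell-bang", b"/bin/sh"),
    ("dir-trav", b"../.."),
    ("exec", b"exec"),
]

# Constructed sample request containing all three patterns.
SAMPLE = b"GET /cgi-bin/../../bin/sh?exec HTTP/1.0"


def build_array(sigs):
    return [PE(name, pat) for name, pat in sigs]


def misd_scan(pes, data: bytes):
    """Broadcast each byte to every PE. Returns (matches, cycles):
    matches are (signature, start_offset); cycles == len(data)."""
    for pe in pes:
        pe.state = 0
    matches = []
    for offset, b in enumerate(data):
        for pe in pes:  # concurrent in hardware: one cycle per byte
            if pe.step(b):
                matches.append((pe.name, offset - len(pe.pattern) + 1))
    return matches, len(data)


def serial_scan(sigs, data: bytes):
    """Software baseline: one pass over the data per signature.
    Returns (sorted matches, number of compare positions visited)."""
    matches, work = [], 0
    for name, pat in sigs:
        for i in range(len(data) - len(pat) + 1):
            work += 1
            if data[i:i + len(pat)] == pat:
                matches.append((name, i))
    return sorted(matches), work


if __name__ == "__main__":
    hits, cycles = misd_scan(build_array(SIGNATURES), SAMPLE)
    base_hits, work = serial_scan(SIGNATURES, SAMPLE)
    print("MISD:", hits, "cycles:", cycles)
    print("serial:", base_hits, "positions visited:", work)
```

Adding a signature adds a PE, not cycles: `misd_scan` always reports `len(data)` cycles, while the serial baseline's work grows with the signature count. The real design also has to handle state that spans packets (the TCP reassembly the abstract mentions), which this per-buffer model does not cover.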