FPGA based approach for signature based antivirus applications

Document Type

Conference Proceeding

Publication Date

6-16-2011

Abstract

The detection of malicious files is an important component of any intrusion detection system. Due to increase in network speeds and new worms being discovered frequently, there arises a need to detect worms on the fly without disassembling or running them. Signature-based detection is considered to be an important technique in anti-virus applications because of its accuracy and lack of false positives. by checking the signatures stored in the database. As the database of signatures increase, the time required to perform the pattern matching operation in software increases. FPGAs(Field Programmable Gate Arrays) present us with ideal platforms for these kinds of pattern matching applications since they are characterized by low cost and short application development cycles. They also provide a right compromise between flexibility of re-programming and capability in operating at high speeds. In this paper we present a design where FPGA is used as a co-processor to help out with signature matching. They can also be extended to perform inline matching where the packets can be inspected for protocol analysis. Copyright © 2011 ACM.

Identifier

79958736362 (Scopus)

ISBN

[9781450304498]

Publication Title

International Conference and Workshop on Emerging Trends in Technology 2011 Icwet 2011 Conference Proceedings

External Full Text Location

https://doi.org/10.1145/1980022.1980300

First Page

1262

Last Page

1263

This document is currently not available here.

Share

COinS