Automatic Compilation of Firewall and Intrusion Detection Rules for High-Speed Network Processing Engines
Department of Energy
Agency Tracking Number:
Solicitation Topic Code:
Small Business Information
Reservoir Labs, Inc.
632 Broadway, Suite 803, New York, NY, 10012
Socially and Economically Disadvantaged:
Abstract
75500S As networks move to 10 Gbps and beyond (including scientific networks within the Department of Energy), the need arises for high-speed security solutions capable of defending these networks from cyberattacks. The current market supplies no solutions that operate at these speeds. To address this problem, this project will develop a toolchain for automatically rendering signatures from an intrusion detection system (IDS) into high-speed signature detection engines that run on network processors. Phase I demonstrated the feasibility of applying mapping technology to the problem of rendering intrusion detection rulesets onto network processors. A technique was identified for selecting the signature from the space of possible problem framings at compilation time. Phase II will develop a prototype toolchain for rendering IDS signatures into high-speed signature detection engines that run on network processors. The toolchain, which will target 10 Gbps on next-generation network processors and will be fully automatic, will be validated and verified.
Commercial Applications and Other Benefits as described by the awardee: The high-speed signature-detection technology should find use in multiple network applications, especially intrusion detection, spam detection, and deep-inspection firewalls. Because the system will run on network processors rather than fixed-function hardware, the product will have advantages in time-to-market, time-in-market, and price-performance.
* Information listed above is at the time of submission.