Automatic Compilation of Firewall and Intrusion Detection Rules for High-Speed Network Processing Engines

Award Information
Agency: Department of Energy
Branch: N/A
Contract: DE-FG02-04ER84062
Agency Tracking Number: 75500S04-I
Amount: $750,000.00
Phase: Phase II
Program: SBIR
Awards Year: 2005
Solicitation Year: 2004
Solicitation Topic Code: 10 a
Solicitation Number: DOE/SC-0072
Small Business Information
632 Broadway, Suite 803, New York, NY, 10012
DUNS: N/A
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
Kenneth Mackenzie
Title: Dr.
Phone: (212) 780-0527
Email: kenmac@reservoir.com
Business Contact
Richard Lethin
Title: Dr.
Phone: (212) 780-0527
Email: lethin@reservoir.com
Research Institution
N/A
Abstract
As networks move to 10 Gbps and beyond (including scientific networks within the Department of Energy), the need arises for high-speed security solutions capable of defending these networks from cyberattacks. The current market supplies no solutions that operate at these speeds. To address this problem, this project will develop a toolchain for automatically rendering signatures from an intrusion detection system (IDS) into high-speed signature detection engines that run on network processors. Phase I demonstrated the feasibility of applying mapping technology to the problem of rendering intrusion detection rulesets onto network processors. A technique was identified for selecting the signature from the space of possible problem framings at compilation-time. Phase II will develop a prototype toolchain for rendering IDS signatures into high-speed signature detection engines that run on network processors. The toolchain, which will target 10 Gbps on next-generation network processors and will be fully automatic, will be validated and verified.

Commercial Applications and Other Benefits as described by the awardee: The high-speed signature-detection technology should find use in multiple network applications, especially intrusion detection, spam detection, and deep-inspection firewalls. Because the system will run on network processors rather than fixed-function hardware, the product will have advantages in time-to-market, time-in-market, and price-performance.

* Information listed above is at the time of submission. *
