25-10-2012, 01:04 PM
Internet Worm and Virus Protection for Very High-Speed Networks
ABSTRACT
The security of the Internet can be improved using reconfigurable hardware. A platform has been implemented that
actively scans and filters Internet traffic at multi-Gigabit/second rates using reconfigurable hardware. Modular components
implemented in FPGA logic process packet headers and scan for signatures of malicious software (malware) carried in packet
payloads. Additional FPGA circuits track the state of Transmission Control Protocol (TCP) flows. Regular Expressions and
fixed-string scanning circuits are implemented in parallel hardware. Dynamic reconfiguration enables remote modules to be
reconfigured to scan for new signatures. Networkwide protection is achieved by the deployment of multiple systems
throughout the Internet.