This Small Business Innovation Research (SBIR) Phase II project will dramatically advance performance breakthroughs achieved by utilizing a Multiple Instruction Single Data (MISD) processing model applied to high-speed Intrusion Detection and Prevention System (IDPS) hardware. A multiple-chip implementation of the MISD processing model will further demonstrate the scalability and cost-effectiveness of the technology by increasing IDPS processing capacity to levels while reducing costs for the existing system. Current line speed stateful computations are limited by the cost and scalability of currently available content addressable memories. Ideas derived from memory caching architectures will be adapted to build a novel memory subsystem specifically designed to cost-effectively support critical, stateful, 10 Gbps security applications such as TCP stream reassembly and protocol normalization. Finally, the development of open-source interfaces will extend the use of these innovations to a large community of users who will certainly contribute to the advancement of IDPS technology through inter-organizational collaborative efforts.
Next-generation applications require high-speed network connectivity. For example, supercomputer clustering, medical image delivery, data storage networking, video conferencing, and tele-presence applications all need 10 Gigabit and higher speeds. Unfortunately, public and private communication infrastructures are today being destabilized by security compromises. Network viruses, worms and other attacks can propagate very quickly over the Internet and private networks, disabling commerce and resulting in significant productivity loss. The ability to detect and prevent these attacks from traveling through high speed links is a crucial requirement for fostering their adoption across organizational boundaries. Without proper intrusion detection and prevention, high speed links will introduce severe attacks in information systems and limit the commercial viability and far-reaching benefits of high bandwidth, next-generation applications. This Phase II project will dramatically improve the cost-effectiveness, openness and scalability of high-speed IDPS technology. This will facilitate a broader use of inter-organizational, high-speed connectivity and impact social, economic and educational progress.
