基于FPGA的内网安全防护系统关键技术研究

Study on the Key Technology of the Security Guard System for Switched Network Based on FPGA

鉴于目前交换网络中安全防范的不足,提出了基于FPGA硬件的内网安全防护系统。该系统针对交换网络中流行的攻击手段及潜在的安全威胁,实时监听网络流量,发现并终止攻击,同时修复网络,以保障安全。测试结果表明:该系统对局域网内的主要攻击具有检测和防御功能,可以应用在通常的交换网络中实现安全防护。

In order to address the insufficient security ofswitched network, a security guard system based on FPGA is presented. Directed against popular means of attacks and potential security threats in switched network, our approach is that the system monitors every passing-by ethemet packet, identifies and terminates those attacks, at the same time, brings the network back to normal, so that the switched network can be secure. The test results show that the system has the functions of detection and defense for the main attacks in the switched network, and it can be adopted to the general switched network to achieve the security safeguard.