Chen Nan
  • Master Computer Science, 2004 - 2006
    University of New Brunswick, Canada
  • Bachelor of Computer Science, 1999 - 2003
    Jilin University, P.R.China


Research Topic: Network Intrusion Detection System, Hardware/Software Co-Design

Thesis Research:
An Analysis of a NIDS for Hardware/Software Implementation
Having increased from OC-48(2.4Gbps) to OC-192(10Gbps), backbone link speed up to OC-768(40Gbps) is projected, which has boosted the demand for enhanced services provided by applications delivered over the Internet. These applications require routers to deploy new mechanisms in a secure and efficient way. Packet classification, which categorizes packets into different classes, is such an enabling issue that is very important for a variety of applications such as Quality of Service (QoS), Network Intrusion Detection Systems (NIDS), network traffic measurement and monitoring, etcetera. Therefore, various algorithms and architectures for packet classification have been proposed in both the research literature and commercial market. Although both software and hardware have their own advantages, the existing solutions are not able to meet the requirements of efficiency, scalability and low budget at the same time. In this research work, we conduct an analysis of an existing NIDS and present a partitioning scheme with a System-on-Chip (SoC) architecture for a hardware/software co-designed implementation. In our design, the pattern matching module, which cost 17% of the total execution time of Snort [18], is to implement in hardware. This work is a part of a large project that proposes a new hardware/software architecture for high performance packet classification.


Hobbies: I'm a super soccer fan and kind of a cyber-game fan.

Thesis Supervisor(s):
Eric Aubanel and Ken Kent