<strong>Paper Title</strong><br>
Xml-Based Rule-Set Schema For Soc-Based Network Intrusion Detection System<br>
<br>

<strong>Abstract</strong><br>
A high-performance network intrusion detection systems (NIDS) are becoming increasingly important for
network security. For real-time network comparisons, hardware-based rather than software-based NIDS is getting attention.
In this paper, we propose a System on Chip (SoC) based Ethernet packet detector that defines and manages rule-set using
XML schema. When a user enters a rule-set on the desktop, an XML generator is used to generate the XML document and
sent to the NIDS implemented in the SoC. Because it sends rule-set in XML format, it is easy for user to input and it is
possible to transmit several rules at once. The SAX (Simple API XML) type XML parser is implemented in PS, and the ruleset
is written in PL through AXI interface. The prototype of this system was implemented using Xilinx's 250MHz Zynq-
7030 SoC. This real-time packet filtering feature is useful for protecting highly secure network systems, such as industrial
control systems.
Index Terms: XML Schema; SAX XML parser; Network intrusion detection system; SoC;