crossroadsfpga / pigasus

100Gbps Intrusion Detection and Prevention System
671 stars 76 forks source link

Pigasus 2.0

Pigasus is an Intrusion Detection and Prevention System (IDS/IPS) that achieves 100Gbps using a single FPGA-equipped server. Pigasus' FPGA-first design ensures that most packets are processed entirely using the FPGA, while some packets are sent to the CPU for full evaluation. Refer to the OSDI '20 paper and Zhipeng Zhao's PhD Thesis for details about the design. You can view a presentation by Zhipeng on the Crossroads YouTube Channel.

Compared to Pigasus 1.0, Pigasus 2.0 enables easy customization and more efficient scaling of the Pigasus design. For more details, please refer to the Pigasus_Release.

If you want to run Pigasus as it is, without customization, please go to ./pigasus directly.

Customize Pigasus

Instructions for customizing Pigasus 2.0 (what most users should need) are available in the comments of pigasus.py. After modifying that file run run_pigasus.sh to regenerate the Pigasus 2.0 RTL code in ./pigasus with modifications. Similarly, to customize multi-FPGA Pigasus 2.0 edit pigasus_multi.py and then run run_pigasus_multi.sh to regenerate the multi-FPGA Pigasus RTL code in ./pigasus_multi with modifications. There is also a tutorial.

Directory organization

License

Pigasus is developed at Carnegie Mellon University. The software component (pigasus/software) is adapted from Snort3 and released under the GNU General Public License v2.0. The rest of the components including (pigasus/hardware,pigasus_multi_fpga,fluid) are released under the BSD 3-Clause Clear License.