This thesis introduces a novel FPGA based signature match co-processor that can serve as the core of a hardware-based network intrusion detection system (NIDS). The central idea of the signature match co-processor is an architecture based on the shift-or algorithm, which utilizes simple shift registers, OR gates, and ROMs where patterns are stored. Moreover, the architecture can be improved further by the removal of the ROM. The proposed architecture has been prototyped, simulated and synthesized by the Altera Stratix FPGA. Experimental results reveal that the circuit with processing two characters at a time attains the throughput up to 6.75 Gbits/sec with area cost of 0.7 logic elements (LEs) per character. The circuit with processing four input characters at a time achieves the throughput up to 9.2 Gbits/sec with area cost of 2.75 LE per character. As proposed architecture achieves higher throughput and less hardware resource in the FPGA implementations of NIDS.