ICCD '95 Proceedings of the 1995 International Conference on Computer Design: VLSI in Computers and Processors
Granidt: Towards Gigabit Rate Network Intrusion Detection Technology
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Specialized Hardware for Deep Network Packet Filtering
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Assisting Network Intrusion Detection with Reconfigurable Hardware
FCCM '02 Proceedings of the 10th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Fast Content-Based Packet Handling for Intrusion Detection
Fast Content-Based Packet Handling for Intrusion Detection
Implementation of a Content-Scanning Module for an Internet Firewall
FCCM '03 Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Biosequence Similarity Search on the Mercury System
ASAP '04 Proceedings of the Application-Specific Systems, Architectures and Processors, 15th IEEE International Conference
Deep Packet Filter with Dedicated Logic and Read Only Memories
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
A Methodology for Synthesis of Efficient Intrusion Detection Systems on FPGAs
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Scalable Pattern Matching for High Speed Networks
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Pre-Decoded CAMs for Efficient and High-Speed NIDS Pattern Matching
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Implementation Results of Bloom Filters for String Matching
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Fast Regular Expression Matching Using FPGAs
FCCM '01 Proceedings of the the 9th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
A High Throughput String Matching Architecture for Intrusion Detection and Prevention
Proceedings of the 32nd annual international symposium on Computer Architecture
A Signature Match Processor Architecture for Network Intrusion Detection
FCCM '05 Proceedings of the 13th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Mutable Codesign for Embedded Protocol Processing
FCCM '05 Proceedings of the 13th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Automatic Synthesis of Efficient Intrusion Detection Systems on FPGAs
IEEE Transactions on Dependable and Secure Computing
Performance of FPGA implementation of bit-split architecture for intrusion detection systems
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Space Optimization on Counters for FPGA-Based Perl Compatible Regular Expressions
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
A perfect-hashing scheme for fast IP lookup
ICACT'09 Proceedings of the 11th international conference on Advanced Communication Technology - Volume 1
A memory-efficient pipelined implementation of the aho-corasick string-matching algorithm
ACM Transactions on Architecture and Code Optimization (TACO)
Range hash for regular expression pre-filtering
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
LaFA: lookahead finite automata for scalable regular expression detection
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
LaFA: lookahead finite automata for scalable regular expression detection
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
GrAVity: a massively parallel antivirus engine
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
A Multi-dimensional Progressive Perfect Hashing for High-Speed String Matching
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
Scalable lookahead regular expression detection system for deep packet inspection
IEEE/ACM Transactions on Networking (TON)
Hi-index | 0.00 |
In this paper, we consider hardware-based scanning and analyzing packets payload in order to detect hazardous contents. We present two pattern matching techniques to compare incoming packets against intrusion detection search patterns. The first approach, decoded partial CAM (DpCAM), predecodes incoming characters, aligns the decoded data, and performs logical AND on them to produce the match signal for each pattern. The second approach, perfect hashing memory (PHmem), uses perfect hashing to determine a unique memory location that contains the search pattern and a comparison between incoming data and memory output to determine the match. Both techniques are well suited for reconfigurable logic and match about 2200 intrusion detection patterns using a single Virtex2 field-programmable gate-array device. We show that DpCAM achieves a throughput between 2 and 8 Gb/s requiring 0.58-2.57 logic cells per search character. On the other hand, PHmem designs can support 2-5.7 Gb/s using a few tens of block RAMs (630-1404 kb) and only 0.28-0.65 logic cells per character. We evaluate both approaches in terms of performance and area cost and analyze their efficiency, scalability, and tradeoffs. Finally, we show that our designs achieve at least 30% higher efficiency compared to previous work, measured in throughput per area required per search character.