IEEE Transactions on Software Engineering - Special issue on computer security and privacy
A fast string searching algorithm
Communications of the ACM
Efficient string matching: an aid to bibliographic search
Communications of the ACM
A String Matching Algorithm Fast on the Average
Proceedings of the 6th Colloquium, on Automata, Languages and Programming
Time and area efficient pattern matching on FPGAs
FPGA '04 Proceedings of the 2004 ACM/SIGDA 12th international symposium on Field programmable gate arrays
A fast string-matching algorithm for network processor-based intrusion detection system
ACM Transactions on Embedded Computing Systems (TECS)
FPGA Based Network Intrusion Detection using Content Addressable Memories
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Gigabit Rate Packet Pattern-Matching Using TCAM
ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Efficient packet classification for network intrusion detection using FPGA
Proceedings of the 2005 ACM/SIGDA 13th international symposium on Field-programmable gate arrays
Configurable string matching hardware for speeding up intrusion detection
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
SIFT: Snort Intrusion Filter for TCP
HOTI '05 Proceedings of the 13th Symposium on High Performance Interconnects
Efficient memory utilization on network processors for deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Network Algorithmics,: An Interdisciplinary Approach to Designing Fast Networked Devices (The Morgan Kaufmann Series in Networking)
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
Hi-index | 0.00 |
Intrusion detection systems are promising techniques to improve internet security. A daunting challenge in the design of internet intrusion detection systems is how to perform high-speed string matching operations. This paper presents a string matching architecture, consisting of software based classifiers and hardware based verifiers. Based on incoming packet contents, the packet classifiers can dramatically reduce the number of strings to be matched and accordingly, feed the packet to a proper verifier to conduct matching. The paper presents the proposed classifier architecture and discusses the trade-offs in the classifier design. In addition, techniques, including multi-threading FSM, high-speed FSM interface circuits and interconnects for high-speed verifier implementation on FPGA platforms are discussed. Experimental results are presented to explore the trade-offs between system performance, strings partition granularity and hardware resource cost.