Fast and scalable layer four switching
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Fast address lookups using controlled prefix expansion
ACM Transactions on Computer Systems (TOCS)
Capacitated location-allocation problems on a line
Computers and Operations Research
High-speed packet classification for differentiated services in next-generation networks
IEEE Transactions on Multimedia
Algorithms for packet classification
IEEE Network: The Magazine of Global Internetworking
Hi-index | 0.00 |
Network intrusion detection systems, which protect high-speed networks, demand both high throughput and scalability to handle new threats. In this paper, we propose a scalable algorithm of multimatch packet classification for network intrusion detection to handle the potentially increasing filters resulted from new threats. The algorithm utilizes the previous idea, which categorizes filters based on distinct length combinations and corresponds each combination to one hash table. The classification procedure consists of d one-dimensional lookups and T hash accesses. We adopt ternary content addressable memory (TCAM) to accomplish the one-dimensional lookups. As compared to the existing schemes, the proposed scheme shows a better leverage between speed and storage performance.