Efficient Hardware Hashing Functions for High Performance Computers
IEEE Transactions on Computers
On improving the worst case running time of the Boyer-Moore string matching algorithm
Communications of the ACM
A fast string searching algorithm
Communications of the ACM
Efficient string matching: an aid to bibliographic search
Communications of the ACM
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Flexible pattern matching in strings: practical on-line search algorithms for texts and biological sequences
Specialized Hardware for Deep Network Packet Filtering
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Implementation of a Content-Scanning Module for an Internet Firewall
FCCM '03 Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
A Fast Pattern-Match Engine for Network Processor-based Network Intrusion Detection System
ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
Pre-Decoded CAMs for Efficient and High-Speed NIDS Pattern Matching
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Implementation Results of Bloom Filters for String Matching
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Configurable string matching hardware for speeding up intrusion detection
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
A pattern matching coprocessor for network security
Proceedings of the 42nd annual Design Automation Conference
Fast and scalable pattern matching for content filtering
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
ASAP '05 Proceedings of the 2005 IEEE International Conference on Application-Specific Systems, Architecture Processors
A Scalable Architecture For High-Throughput Regular-Expression Pattern Matching
Proceedings of the 33rd annual international symposium on Computer Architecture
Fast and memory-efficient regular expression matching for deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Scalable Automaton Matching for High-Speed Deep Content Inspection
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 01
Journal of Systems Architecture: the EUROMICRO Journal
A fast scalable automaton-matching accelerator for embedded content processors
ACM Transactions on Embedded Computing Systems (TECS)
A computationally efficient engine for flexible intrusion detection
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Profiling and accelerating string matching algorithms in three network content security applications
IEEE Communications Surveys & Tutorials
Survey Bloom filter applications in network security: A state-of-the-art survey
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.01 |
Many network security applications rely on string matching to detect intrusions, viruses, spam, and so on. Since software implementation may not keep pace with the high-speed demand, turning to hardware-based solutions becomes promising. This work presents an innovative architecture to realize string matching in sub-linear time based on algorithmic heuristics, which come from parallel queries to a set of space-efficient Bloom filters. The algorithm allows skipping characters not in a match in the text, and in turn simultaneously inspect multiple characters in effect. The techniques to reduce the impact of certain bad situations on performance are also proposed: the bad-block heuristic, a linear worst-case time method and a non-blocking interface to hand over the verification job to a verification module. This architecture is simulated with both behavior simulation in C and timing simulation in HDL for antivirus applications. The simulation shows that the throughput of scanning Windows executable files for more than 10 000 virus signatures can achieve 5.64 Gb/s, while the worst-case performance is 1.2 Gb/s if the signatures are properly specified.