Realizing a sub-linear time string-matching algorithm with a hardware accelerator using bloom filters

Authors:
Po-Ching Lin;Yin-Dar Lin;Yuan-Cheng Lai;Yi-Jun Zheng;Tsern-Huei Lee
Affiliations:
Department of Computer Science, National Chiao Tung University, Hsinchu, Taiwan;Department of Computer Science, National Chiao Tung University, Hsinchu, Taiwan;Department of Information Management, National Taiwan University of Science and Technology, Taipei, Taiwan;Department of Computer Science, National Chiao Tung University, Hsinchu, Taiwan;Department of Communication Engineering, National Chiao Tung University, Hsinchu, Taiwan
Venue:
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Year:
2009

Citing 24
Cited 1

Efficient Hardware Hashing Functions for High Performance Computers

IEEE Transactions on Computers
On improving the worst case running time of the Boyer-Moore string matching algorithm

Communications of the ACM
A fast string searching algorithm

Communications of the ACM
Efficient string matching: an aid to bibliographic search

Communications of the ACM
Space/time trade-offs in hash coding with allowable errors

Communications of the ACM
Flexible pattern matching in strings: practical on-line search algorithms for texts and biological sequences

Flexible pattern matching in strings: practical on-line search algorithms for texts and biological sequences
Specialized Hardware for Deep Network Packet Filtering

FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Implementation of a Content-Scanning Module for an Internet Firewall

FCCM '03 Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
A Fast Pattern-Match Engine for Network Processor-based Network Intrusion Detection System

ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
Pre-Decoded CAMs for Efficient and High-Speed NIDS Pattern Matching

FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Implementation Results of Bloom Filters for String Matching

FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Configurable string matching hardware for speeding up intrusion detection

ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
A pattern matching coprocessor for network security

Proceedings of the 42nd annual Design Automation Conference
Fast and scalable pattern matching for content filtering

Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
A Parallel Automaton String Matching with Pre-Hashing and Root-Indexing Techniques for Content Filtering Coprocessor

ASAP '05 Proceedings of the 2005 IEEE International Conference on Application-Specific Systems, Architecture Processors
Architectures for Bit-Split String Scanning in Intrusion Detection

IEEE Micro
A Scalable Architecture For High-Throughput Regular-Expression Pattern Matching

Proceedings of the 33rd annual international symposium on Computer Architecture
Fast and memory-efficient regular expression matching for deep packet inspection

Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Scalable Automaton Matching for High-Speed Deep Content Inspection

AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 01
A platform-based SoC design and implementation of scalable automaton matching for deep packet inspection

Journal of Systems Architecture: the EUROMICRO Journal
Deep Packet Inspection using Parallel Bloom Filters

IEEE Micro
A fast scalable automaton-matching accelerator for embedded content processors

ACM Transactions on Embedded Computing Systems (TECS)
A computationally efficient engine for flexible intrusion detection

IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Profiling and accelerating string matching algorithms in three network content security applications

IEEE Communications Surveys & Tutorials

Survey Bloom filter applications in network security: A state-of-the-art survey

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.01

Visualization

Abstract

Many network security applications rely on string matching to detect intrusions, viruses, spam, and so on. Since software implementation may not keep pace with the high-speed demand, turning to hardware-based solutions becomes promising. This work presents an innovative architecture to realize string matching in sub-linear time based on algorithmic heuristics, which come from parallel queries to a set of space-efficient Bloom filters. The algorithm allows skipping characters not in a match in the text, and in turn simultaneously inspect multiple characters in effect. The techniques to reduce the impact of certain bad situations on performance are also proposed: the bad-block heuristic, a linear worst-case time method and a non-blocking interface to hand over the verification job to a verification module. This architecture is simulated with both behavior simulation in C and timing simulation in HDL for antivirus applications. The simulation shows that the throughput of scanning Windows executable files for more than 10 000 virus signatures can achieve 5.64 Gb/s, while the worst-case performance is 1.2 Gb/s if the signatures are properly specified.