DPICO: a high speed deep packet inspection engine using compact finite automata
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Hierarchical multi-pattern matching algorithm for network content inspection
Information Sciences: an International Journal
Deflating the big bang: fast and scalable deep packet inspection with extended finite automata
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
A method to implement effective My-page service system using three-dimensional vectors
International Journal of Computer Applications in Technology
A Hybrid Parallel Signature Matching Model for Network Security Applications Using SIMD GPU
APPT '09 Proceedings of the 8th International Symposium on Advanced Parallel Processing Technologies
Multi-byte Regular Expression Matching with Speculation
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
A scalable bloom filter based prefilter and hardware-orientedpredispatcher
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
A memory-efficient pipelined implementation of the aho-corasick string-matching algorithm
ACM Transactions on Architecture and Code Optimization (TACO)
Improving NFA-based signature matching using ordered binary decision diagrams
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
FPGA based approach for signature based antivirus applications
Proceedings of the International Conference & Workshop on Emerging Trends in Technology
Fast, memory-efficient regular expression matching with NFA-OBDDs
Computer Networks: The International Journal of Computer and Telecommunications Networking
A Multi-dimensional Progressive Perfect Hashing for High-Speed String Matching
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
Novel FPGA-Based signature matching for deep packet inspection
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Fast dynamic multiple-set membership testing using combinatorial bloom filters
IEEE/ACM Transactions on Networking (TON)
Reconfigurable accelerator for the word-matching stage of BLASTN
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
A pattern-matching scheme with high throughput performance and low memory requirement
IEEE/ACM Transactions on Networking (TON)
Survey Bloom filter applications in network security: A state-of-the-art survey
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.07 |
High-speed packet content inspection and filtering devices rely on a fast multipattern matching algorithm which is used to detect predefined keywords or signatures in the packets. Multipattern matching is known to require intensive memory accesses and is often a performance bottleneck. Hence, specialized hardware-accelerated algorithms are required for line-speed packet processing. We present hardware-implementable pattern matching algorithm for content filtering applications, which is scalable in terms of speed, the number of patterns and the pattern length. Our algorithm is based on a memory efficient multihashing data structure called Bloom filter. We use embedded on-chip memory blocks in field programmable gate array/very large scale integration chips to construct Bloom filters which can suppress a large fraction of memory accesses and speed up string matching. Based on this concept, we first present a simple algorithm which can scan for several thousand short (up to 16 bytes) patterns at multigigabit per second speeds with a moderately small amount of embedded memory and a few mega bytes of external memory. Furthermore, we modify this algorithm to be able to handle arbitrarily large strings at the cost of a little more on-chip memory. We demonstrate the merit of our algorithm through theoretical analysis and simulations performed on Snort's string set