FPL '00 Proceedings of the The Roadmap to Reconfigurable Computing, 10th International Workshop on Field-Programmable Logic and Applications
Reconfigurable Network Processors Based on Field Programmable System Level Integrated Circuits
FPL '00 Proceedings of the The Roadmap to Reconfigurable Computing, 10th International Workshop on Field-Programmable Logic and Applications
Reconfigurable Router Modules Using Network Protocol Wrappers
FPL '01 Proceedings of the 11th International Conference on Field-Programmable Logic and Applications
A Reconfigurable Approach to Packet Filtering
FPL '01 Proceedings of the 11th International Conference on Field-Programmable Logic and Applications
An FPGA-based coprocessor for ATM firewalls
FCCM '97 Proceedings of the 5th IEEE Symposium on FPGA-Based Custom Computing Machines
Assisting Network Intrusion Detection with Reconfigurable Hardware
FCCM '02 Proceedings of the 10th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Evolvable Internet Hardware Platforms
EH '01 Proceedings of the The 3rd NASA/DoD Workshop on Evolvable Hardware
Rapid Prototyping of a Reusable 4x4 Active ATM Switch Core with the PCI Pamette
RSP '01 Proceedings of the 12th International Workshop on Rapid System Prototyping
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Fast Regular Expression Matching Using FPGAs
FCCM '01 Proceedings of the the 9th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Time and area efficient pattern matching on FPGAs
FPGA '04 Proceedings of the 2004 ACM/SIGDA 12th international symposium on Field programmable gate arrays
Configurable string matching hardware for speeding up intrusion detection
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
A pattern matching coprocessor for network security
Proceedings of the 42nd annual Design Automation Conference
A High Throughput String Matching Architecture for Intrusion Detection and Prevention
Proceedings of the 32nd annual international symposium on Computer Architecture
High-throughput linked-pattern matching for intrusion detection systems
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Modeling the data-dependent performance of pattern-matching architectures
Proceedings of the 2006 ACM/SIGDA 14th international symposium on Field programmable gate arrays
Bit-split string-matching engines for intrusion detection and prevention
ACM Transactions on Architecture and Code Optimization (TACO)
Automatic Synthesis of Efficient Intrusion Detection Systems on FPGAs
IEEE Transactions on Dependable and Secure Computing
Memory-efficient content filtering hardware for high-speed intrusion detection systems
Proceedings of the 2007 ACM symposium on Applied computing
Towards a deep-packet-filter toolkit for securing legacy resources
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Compiling PCRE to FPGA for accelerating SNORT IDS
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Deep network packet filter design for reconfigurable devices
ACM Transactions on Embedded Computing Systems (TECS)
Reconfigurable content-based router using hardware-accelerated language parser
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Hardware implementation for network intrusion detection rules with regular expression support
Proceedings of the 2008 ACM symposium on Applied computing
Optimization of pattern matching circuits for regular expression on FPGA
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Scalable multigigabit pattern matching for packet inspection
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
ACS'08 Proceedings of the 8th conference on Applied computer scince
Space Optimization on Counters for FPGA-Based Perl Compatible Regular Expressions
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
Self-addressable memory-based FSM: a scalable intrusion detection engine
IEEE Network: The Magazine of Global Internetworking - Special issue title on recent developments in network intrusion detection
Systolic array for string matching in NIDS
AsiaCSN '07 Proceedings of the Fourth IASTED Asian Conference on Communication Systems and Networks
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Variable Length Pattern Matching for Hardware Network Intrusion Detection System
Journal of Signal Processing Systems
An independently partial pattern matching for content inspection at multi gigabit networks
ICACT'10 Proceedings of the 12th international conference on Advanced communication technology
Reconfigurable context-free grammar based data processing hardware with error recovery
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Deterministic finite automata characterization and optimization for scalable pattern matching
ACM Transactions on Architecture and Code Optimization (TACO)
A computationally efficient engine for flexible intrusion detection
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Deep packet pre-filtering and finite state encoding for adaptive intrusion detection system
Computer Networks: The International Journal of Computer and Telecommunications Networking
On the importance of header classification in HW/SW network intrusion detection systems
PCI'05 Proceedings of the 10th Panhellenic conference on Advances in Informatics
Pattern matching acceleration for network intrusion detection systems
SAMOS'05 Proceedings of the 5th international conference on Embedded Computer Systems: architectures, Modeling, and Simulation
Novel FPGA-Based signature matching for deep packet inspection
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Kargus: a highly-scalable software-based intrusion detection system
Proceedings of the 2012 ACM conference on Computer and communications security
Static patterns matching for high speed networks
ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
| Hi-index | 0.00 |
Many computer network provide limited security through simple firewall feature in router and switch. Some networks that require higher security use deep packet filter to capture packets that can not be detected by simple firewall. Deep packet filters use list of rules for determining safety of packets. There is a high degree of parallelism in processing these rules because each rule represent independent pattern matching process. We find that the underlying architecture for existing software and hardware firewalls do not fully take advantage of this parallelism. Thus, we design a deep packet filtering firewall on a field programmable gate array (FPGA) to take advantage of the parallelism while retaining its programmability. Our implementation is capable of processing over 2.88 gigabits per second of network stream on an Altera EP20K series FPGA without manual optimization.