Granidt: Towards Gigabit Rate Network Intrusion Detection Technology
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Specialized Hardware for Deep Network Packet Filtering
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Time and area efficient pattern matching on FPGAs
FPGA '04 Proceedings of the 2004 ACM/SIGDA 12th international symposium on Field programmable gate arrays
An Analysis of the Cost Effectiveness of an Adaptable Computing Cluster
Cluster Computing
Efficient packet classification for network intrusion detection using FPGA
Proceedings of the 2005 ACM/SIGDA 13th international symposium on Field-programmable gate arrays
Proceedings of the 2003 ACM/IEEE conference on Supercomputing
Configurable string matching hardware for speeding up intrusion detection
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
A pattern matching coprocessor for network security
Proceedings of the 42nd annual Design Automation Conference
A High Throughput String Matching Architecture for Intrusion Detection and Prevention
Proceedings of the 32nd annual international symposium on Computer Architecture
High-throughput linked-pattern matching for intrusion detection systems
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Modeling the data-dependent performance of pattern-matching architectures
Proceedings of the 2006 ACM/SIGDA 14th international symposium on Field programmable gate arrays
Optimization of regular expression pattern matching circuits on FPGA
Proceedings of the conference on Design, automation and test in Europe: Designers' forum
Bit-split string-matching engines for intrusion detection and prevention
ACM Transactions on Architecture and Code Optimization (TACO)
A Scalable Architecture For High-Throughput Regular-Expression Pattern Matching
Proceedings of the 33rd annual international symposium on Computer Architecture
Fast and memory-efficient regular expression matching for deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Packet pre-filtering for network intrusion detection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Journal of Systems Architecture: the EUROMICRO Journal
Network anomaly detection with incomplete audit data
Computer Networks: The International Journal of Computer and Telecommunications Networking
Journal of Systems Architecture: the EUROMICRO Journal
Deterministic high-speed root-hashing automaton matching coprocessor for embedded network processor
ACM SIGARCH Computer Architecture News - Special issue on the 2006 reconfigurable and adaptive architecture workshop
Optimization of pattern matching algorithm for memory based architecture
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Deep network packet filter design for reconfigurable devices
ACM Transactions on Embedded Computing Systems (TECS)
Reconfigurable content-based router using hardware-accelerated language parser
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Novel FPGA-based signature match circuit for efficient network intrusion detection
ACOS'07 Proceedings of the 6th Conference on WSEAS International Conference on Applied Computer Science - Volume 6
Regular Expression Matching in Reconfigurable Hardware
Journal of Signal Processing Systems
Hardware implementation for network intrusion detection rules with regular expression support
Proceedings of the 2008 ACM symposium on Applied computing
Exact multi-pattern string matching on the cell/b.e. processor
Proceedings of the 5th conference on Computing frontiers
Designing secure systems on reconfigurable hardware
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Optimization of pattern matching circuits for regular expression on FPGA
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Scalable multigigabit pattern matching for packet inspection
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
FPGA based string matching for network processing applications
Microprocessors & Microsystems
Front end device for content networking
Proceedings of the conference on Design, automation and test in Europe
Highly Space Efficient Counters for Perl Compatible Regular Expressions in FPGAs
ARC '08 Proceedings of the 4th international workshop on Reconfigurable Computing: Architectures, Tools and Applications
Design, Debug, Deploy: The Creation of Configurable Computing Applications
Journal of Signal Processing Systems
Compact architecture for high-throughput regular expression matching on FPGA
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Efficient regular expression evaluation: theory to practice
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
A Sampling Method for Intrusion Detection System
APNOMS '08 Proceedings of the 11th Asia-Pacific Symposium on Network Operations and Management: Challenges for Next Generation Network Operations and Service Management
A fast scalable automaton-matching accelerator for embedded content processors
ACM Transactions on Embedded Computing Systems (TECS)
FPGA-Based Intrusion Detection System for 10 Gigabit Ethernet
IEICE - Transactions on Information and Systems
Regular Expression Pattern Matching Supporting Constrained Repetitions
ARC '09 Proceedings of the 5th International Workshop on Reconfigurable Computing: Architectures, Tools and Applications
Hierarchical state machine architecture for regular expression pattern matching
Proceedings of the 19th ACM Great Lakes symposium on VLSI
High-performance regular expression scanning on the Cell/B.E. processor
Proceedings of the 23rd international conference on Supercomputing
Extending finite automata to efficiently match Perl-compatible regular expressions
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
FPGA-based ROM-free network intrusion detection using shift-OR circuit
Journal of Embedded Computing - Design and Optimization for High Performance Embedded Systems
Reconfigurable Computing: The Theory and Practice of FPGA-Based Computation
Reconfigurable Computing: The Theory and Practice of FPGA-Based Computation
Space Optimization on Counters for FPGA-Based Perl Compatible Regular Expressions
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
Software toolchain for large-scale RE-NFA construction on FPGA
International Journal of Reconfigurable Computing - Special issue on selected papers from ReConFig 2008
SCAMPI: a scalable CAM-based algorithm for multiple pattern inspection
Proceedings of the Conference on High Performance Computing Networking, Storage and Analysis
Systolic array for string matching in NIDS
AsiaCSN '07 Proceedings of the Fourth IASTED Asian Conference on Communication Systems and Networks
A modular NFA architecture for regular expression matching
Proceedings of the 18th annual ACM/SIGDA international symposium on Field programmable gate arrays
Scalable network virtualization using FPGAs
Proceedings of the 18th annual ACM/SIGDA international symposium on Field programmable gate arrays
Synthesis of regular expressions targeting FPGAs: current status and open issues
ARC'07 Proceedings of the 3rd international conference on Reconfigurable computing: architectures, tools and applications
WISTP'08 Proceedings of the 2nd IFIP WG 11.2 international conference on Information security theory and practices: smart devices, convergence and next generation networks
An independently partial pattern matching for content inspection at multi gigabit networks
ICACT'10 Proceedings of the 12th international conference on Advanced communication technology
Design Assurance Strategy and Toolset for Partially Reconfigurable FPGA Systems
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
Improving NFA-based signature matching using ordered binary decision diagrams
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
FPGA based architecture for DNA sequence comparison and database search
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Efficient pattern matching algorithm for memory architecture
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Selective regular expression matching
ISC'10 Proceedings of the 13th international conference on Information security
A computationally efficient engine for flexible intrusion detection
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Dynamic data folding with parameterizable FPGA configurations
ACM Transactions on Design Automation of Electronic Systems (TODAES)
A new curriculum for hardware-based network intrusion detection
Proceedings of the 49th Annual Southeast Regional Conference
Fast, memory-efficient regular expression matching with NFA-OBDDs
Computer Networks: The International Journal of Computer and Telecommunications Networking
PeRex: A Power Efficient FPGA-based Architecture for Regular Expression Matching
GREENCOM '11 Proceedings of the 2011 IEEE/ACM International Conference on Green Computing and Communications
A high-throughput system architecture for deep packet filtering in network intrusion prevention
ARCS'06 Proceedings of the 19th international conference on Architecture of Computing Systems
Efficient logic circuit for network intrusion detection
EUC'06 Proceedings of the 2006 international conference on Embedded and Ubiquitous Computing
Pattern-unit based regular expression matching with reconfigurable function unit
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
Pattern matching acceleration for network intrusion detection systems
SAMOS'05 Proceedings of the 5th international conference on Embedded Computer Systems: architectures, Modeling, and Simulation
Novel FPGA-Based signature matching for deep packet inspection
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Revisiting multiple pattern matching algorithms for multi-core architecture
Journal of Computer Science and Technology - Special issue on Community Analysis and Information Recommendation
Fast submatch extraction using OBDDs
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
NetStage/DPR: A self-reconfiguring platform for active and passive network security operations
Microprocessors & Microsystems
Static patterns matching for high speed networks
ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
High throughput constraint repetition for regular expression matching algorithm
ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
International Journal of Mobile Network Design and Innovation
| Hi-index | 0.00 |
String matching is used by Network Intrusion Detection Systems (NIDS) to inspect incoming packet payloads for hostile data. String-matching speed is often the main factor limiting NIDS performance. String-matching performance can be dramatically improved by using Field-Programmable Gate Arrays (FPGAs); accordingly, a "regular-expression to FPGA circuit" module generator has been developed. The module generator extracts strings from the Snort NIDS rule-set, generates a regular expression that matches all extracted strings, synthesizes a FPGA-based string matching circuit, and generates an EDIF netlist that can be processed by Xilinx software to create an FPGA bitstream. The feasibility of this approach is demonstrated by comparing the performance of the FPGA-based string matcher against the software-basedGNU regex program. The FPGA-based string matcher exceeds the performance of the software-based system by 600x for large patterns.