Configurable string matching hardware for speeding up intrusion detection
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
A High Throughput String Matching Architecture for Intrusion Detection and Prevention
Proceedings of the 32nd annual international symposium on Computer Architecture
Fast and scalable pattern matching for content filtering
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Modeling the data-dependent performance of pattern-matching architectures
Proceedings of the 2006 ACM/SIGDA 14th international symposium on Field programmable gate arrays
Bit-split string-matching engines for intrusion detection and prevention
ACM Transactions on Architecture and Code Optimization (TACO)
Algorithms to accelerate multiple regular expressions matching for deep packet inspection
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Advanced algorithms for fast and scalable deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Packet pre-filtering for network intrusion detection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Journal of Systems Architecture: the EUROMICRO Journal
Memory-efficient content filtering hardware for high-speed intrusion detection systems
Proceedings of the 2007 ACM symposium on Applied computing
A high performance NIDS using FPGA-based regular expression matching
Proceedings of the 2007 ACM symposium on Applied computing
Journal of Systems Architecture: the EUROMICRO Journal
Deterministic high-speed root-hashing automaton matching coprocessor for embedded network processor
ACM SIGARCH Computer Architecture News - Special issue on the 2006 reconfigurable and adaptive architecture workshop
Curing regular expressions matching algorithms from insomnia, amnesia, and acalculia
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Deep network packet filter design for reconfigurable devices
ACM Transactions on Embedded Computing Systems (TECS)
C is for circuits: capturing FPGA circuits as sequential code for portability
Proceedings of the 16th international ACM/SIGDA symposium on Field programmable gate arrays
Novel FPGA-based signature match circuit for efficient network intrusion detection
ACOS'07 Proceedings of the 6th Conference on WSEAS International Conference on Applied Computer Science - Volume 6
Regular Expression Matching in Reconfigurable Hardware
Journal of Signal Processing Systems
Optimization of pattern matching circuits for regular expression on FPGA
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Scalable multigigabit pattern matching for packet inspection
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
FPGA based string matching for network processing applications
Microprocessors & Microsystems
Multilevel Pattern Matching Architecture for Network Intrusion Detection and Prevention System
ICESS '07 Proceedings of the 3rd international conference on Embedded Software and Systems
Efficient signature matching with multiple alphabet compression tables
Proceedings of the 4th international conference on Security and privacy in communication netowrks
Efficient regular expression evaluation: theory to practice
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Fast Signature Matching Using Extended Finite Automaton (XFA)
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
A fast scalable automaton-matching accelerator for embedded content processors
ACM Transactions on Embedded Computing Systems (TECS)
FPGA-Based Intrusion Detection System for 10 Gigabit Ethernet
IEICE - Transactions on Information and Systems
FPGA-based ROM-free network intrusion detection using shift-OR circuit
Journal of Embedded Computing - Design and Optimization for High Performance Embedded Systems
Design and performance evaluation of an adaptive FPGA for network applications
Microelectronics Journal
Space Optimization on Counters for FPGA-Based Perl Compatible Regular Expressions
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
Memory-efficient distribution of regular expressions for fast deep packet inspection
CODES+ISSS '09 Proceedings of the 7th IEEE/ACM international conference on Hardware/software codesign and system synthesis
Systolic array for string matching in NIDS
AsiaCSN '07 Proceedings of the Fourth IASTED Asian Conference on Communication Systems and Networks
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Compact DFA structure for multiple regular expressions matching
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
A memory-efficient pipelined implementation of the aho-corasick string-matching algorithm
ACM Transactions on Architecture and Code Optimization (TACO)
Accelerating the bit-split string matching algorithm using Bloom filters
Computer Communications
Hardware parallelism vs. software parallelism
HotPar'09 Proceedings of the First USENIX conference on Hot topics in parallelism
Fast regular expression matching in hardware using NFA-BDD combination
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
GrAVity: a massively parallel antivirus engine
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Efficient pattern matching algorithm for memory architecture
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
A computationally efficient engine for flexible intrusion detection
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
MIDeA: a multi-parallel intrusion detection architecture
Proceedings of the 18th ACM conference on Computer and communications security
A high-throughput system architecture for deep packet filtering in network intrusion prevention
ARCS'06 Proceedings of the 19th international conference on Architecture of Computing Systems
Efficient logic circuit for network intrusion detection
EUC'06 Proceedings of the 2006 international conference on Embedded and Ubiquitous Computing
On the importance of header classification in HW/SW network intrusion detection systems
PCI'05 Proceedings of the 10th Panhellenic conference on Advances in Informatics
Pattern matching acceleration for network intrusion detection systems
SAMOS'05 Proceedings of the 5th international conference on Embedded Computer Systems: architectures, Modeling, and Simulation
Novel FPGA-Based signature matching for deep packet inspection
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Managing DFA History with Queue for Deflation DFA
Journal of Network and Systems Management
Revisiting multiple pattern matching algorithms for multi-core architecture
Journal of Computer Science and Technology - Special issue on Community Analysis and Information Recommendation
NetStage/DPR: A self-reconfiguring platform for active and passive network security operations
Microprocessors & Microsystems
FPGA-based cuckoo hashing for pattern matching in NIDS/NIPS
APNOMS'07 Proceedings of the 10th Asia-Pacific conference on Network Operations and Management Symposium: managing next generation networks and services
Editorial: Recent developments in high performance computing and security: An editorial
Future Generation Computer Systems
International Journal of Mobile Network Design and Innovation
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Scalable TCAM-based regular expression matching with compressed finite automata
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
Multi-character cost-effective and high throughput architecture for content scanning
Microprocessors & Microsystems
| Hi-index | 0.00 |
In this paper we advocate the use of pre-decoding for CAM-based pattern matching. We implement an FPGA based sub-system for NIDS (Snort) pattern matching using a combination of techniques. First, we reduce the area cost of character matching using (i) character pre-decoding before they are compared in the CAM line, and (ii) efficient shift register implementation using the SRL16 Xilinx cell. Then we achieve high operating frequencies by (iii) using fine grain pipelining for faster circuits and (iv) decoupling the data distribution network from the processing components. Our results show that for matching more than 18,000 characters (the entire SNORT rule set) our implementation requires an area cost of less than 1.1 logic cells per matched character, achieving an operating frequency of about 375 MHz (3 Gbps) on a Virtex2 device. When using quad parallelism to increase the matching throughput, the area cost of a single matched character is reduced to less than one logic cell for a throughput of almost 10 Gbps.