SSA: a power and memory efficient scheme to multi-match packet classification
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Fast and scalable pattern matching for content filtering
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
High-throughput linked-pattern matching for intrusion detection systems
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Hardware acceleration for database systems using content addressable memories
DaMoN '05 Proceedings of the 1st international workshop on Data management on new hardware
Efficient memory utilization on network processors for deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Fast and memory-efficient regular expression matching for deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
An efficient signature representation and matching method for mobile devices
WICON '06 Proceedings of the 2nd annual international workshop on Wireless internet
Memory-efficient content filtering hardware for high-speed intrusion detection systems
Proceedings of the 2007 ACM symposium on Applied computing
Fast data stream algorithms using associative memories
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Ruler: high-speed packet matching and rewriting on NPUs
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Towards graph containment search and indexing
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Deep network packet filter design for reconfigurable devices
ACM Transactions on Embedded Computing Systems (TECS)
Implementing high-speed string matching hardware for network intrusion detection systems
Proceedings of the 16th international ACM/SIGDA symposium on Field programmable gate arrays
Design and analysis of a multipacket signature detection system
International Journal of Security and Networks
Optimization of pattern matching circuits for regular expression on FPGA
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Efficient signature based malware detection on mobile devices
Mobile Information Systems
An Integrated Solution for Policy Filtering and Traffic Anomaly Detection
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
Gnort: High Performance Network Intrusion Detection Using Graphics Processors
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Ternary CAM power and delay model: extensions and uses
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Fast packet classification for Snort by native compilation of rules
LISA'08 Proceedings of the 22nd conference on Large installation system administration conference
VMFence: a customized intrusion prevention system in distributed virtual computing environment
Proceedings of the 3rd International Conference on Ubiquitous Information Management and Communication
A hardware platform for efficient worm outbreak detection
ACM Transactions on Design Automation of Electronic Systems (TODAES)
High-speed string matching for network intrusion detection
International Journal of Communication Networks and Distributed Systems
A TCAM-based solution for integrated traffic anomaly detection and policy filtering
Computer Communications
A Hybrid Parallel Signature Matching Model for Network Security Applications Using SIMD GPU
APPT '09 Proceedings of the 8th International Symposium on Advanced Parallel Processing Technologies
High-performance multi-pattern matching structure in hardware network firewall
AIC'09 Proceedings of the 9th WSEAS international conference on Applied informatics and communications
Optimized memory based accelerator for scalable pattern matching
Microprocessors & Microsystems
Multi-byte Regular Expression Matching with Speculation
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
High speed pattern matching for deep packet inspection
ISCIT'09 Proceedings of the 9th international conference on Communications and information technologies
A new algorithm for pattern matching and unification
FSKD'09 Proceedings of the 6th international conference on Fuzzy systems and knowledge discovery - Volume 7
An independently partial pattern matching for content inspection at multi gigabit networks
ICACT'10 Proceedings of the 12th international conference on Advanced communication technology
CompactDFA: generic state machine compression for scalable pattern matching
INFOCOM'10 Proceedings of the 29th conference on Information communications
Scalable NIDS via negative pattern matching and exclusive pattern matching
INFOCOM'10 Proceedings of the 29th conference on Information communications
Robust and fast pattern matching for intrusion detection
INFOCOM'10 Proceedings of the 29th conference on Information communications
Measurouting: a framework for routing assisted traffic monitoring
INFOCOM'10 Proceedings of the 29th conference on Information communications
A memory-efficient pipelined implementation of the aho-corasick string-matching algorithm
ACM Transactions on Architecture and Code Optimization (TACO)
Accelerating the bit-split string matching algorithm using Bloom filters
Computer Communications
Ultra-high throughput string matching for deep packet inspection
Proceedings of the Conference on Design, Automation and Test in Europe
Range hash for regular expression pre-filtering
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
LaFA: lookahead finite automata for scalable regular expression detection
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
LaFA: lookahead finite automata for scalable regular expression detection
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
GrAVity: a massively parallel antivirus engine
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Performance of FPGA implementation of bit-split architecture for intrusion detection systems
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Network-wide deployment of intrusion detection and prevention systems
Proceedings of the 6th International COnference
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Efficient pattern matching algorithm for memory architecture
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Deterministic finite automata characterization and optimization for scalable pattern matching
ACM Transactions on Architecture and Code Optimization (TACO)
Deep packet pre-filtering and finite state encoding for adaptive intrusion detection system
Computer Networks: The International Journal of Computer and Telecommunications Networking
MIDeA: a multi-parallel intrusion detection architecture
Proceedings of the 18th ACM conference on Computer and communications security
A Multi-dimensional Progressive Perfect Hashing for High-Speed String Matching
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
LEISURE: A Framework for Load-Balanced Network-Wide Traffic Measurement
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
Chain-Based DFA Deflation for Fast and Scalable Regular Expression Matching Using TCAM
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
A multi-gigabit virus detection algorithm using ternary CAM
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
A fast pattern-matching algorithm for network intrusion detection system
NETWORKING'06 Proceedings of the 5th international IFIP-TC6 conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communications Systems
Smart architecture for high-speed intrusion detection and prevention systems
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Novel FPGA-Based signature matching for deep packet inspection
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
MeasuRouting: a framework for routing assisted traffic monitoring
IEEE/ACM Transactions on Networking (TON)
A low-cost and high-performance virus scanning engine using a binary CAM emulator and an MPU
ARC'12 Proceedings of the 8th international conference on Reconfigurable Computing: architectures, tools and applications
Scalable lookahead regular expression detection system for deep packet inspection
IEEE/ACM Transactions on Networking (TON)
Kargus: a highly-scalable software-based intrusion detection system
Proceedings of the 2012 ACM conference on Computer and communications security
Deep packet inspection tools and techniques in commodity platforms: Challenges and trends
Journal of Network and Computer Applications
Static patterns matching for high speed networks
ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Scalable TCAM-based regular expression matching with compressed finite automata
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
Efficient Two Dimensional-IP routing: An incremental deployment design
Computer Networks: The International Journal of Computer and Telecommunications Networking
Fast Regular Expression Matching Using Small TCAM
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.00 |
In today's Internet, worms and viruses cause service disruptions with enormous economic impact. Current attack prevention mechanisms rely on end-user cooperation to install new system patches or upgrade security software, yielding slow reaction time. However, malicious attacks spread much faster than users can respond, making effective attack prevention difficult. Network-based mechanisms, by avoiding end-user coordination, can respond rapidly to new attacks. Such mechanisms require the network to inspect the packet payload at line rates to detect and filter those packets containing worm signatures. These signature sets are large (e.g., thousands) and complex. Software-only implementations are unlikely to meet the performance goals. Therefore, making a network-based scheme practical requires efficient algorithms suitable for hardware implementations. This paper develops a Ternary Content Addressable Memory (TCAM) based multiple-pattern matching scheme. The scheme can handle complex patterns, such as arbitrarily long patterns, correlated patterns, and patterns with negation. For the ClamAv virus database with 1768 patterns whose sizes vary from 6 bytes to 2189 bytes, the proposed scheme can operate at a 2 Gbps rate with a 240KB TCAM.