Network Intrusion Detection and Prevention Systems have emerged as one of the most effective ways of providing security to those connected to the network, and at the heart of almost every modern intrusion detection system is a string-matching algorithm. String matching is one of the most critical elements because it allows the system to make decisions based not just on the headers, but on the actual content flowing through the network. Unfortunately, checking every byte of every packet to see if it matches one of a set of thousands of strings becomes a computationally intensive task as network speeds grow into the tens, and eventually hundreds, of gigabits/second. To keep up with these speeds, a specialized device is required: one that can maintain tight bounds on worst-case performance, that can be updated with new rules without interrupting operation, and that is efficient enough that it could be included on-chip with existing network chips or even in wireless devices. We have developed an approach that relies on a special-purpose architecture that executes novel string-matching algorithms specially optimized for implementation in our design. We show how the problem can be solved by converting the large database of strings into many tiny state machines, each of which searches for a portion of the rules and a portion of the bits of each rule. Through the careful codesign and optimization of our architecture with a new string-matching algorithm, we show that it is possible to build a system that is 10 times more efficient than the currently best known approaches.
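
The decomposition described above, sketched in Python as an added example that is not code from the paper: the rules are partitioned into groups, each group gets four small state machines that each see only two bits of every byte, and a match is reported only when all four machines agree. Building each machine as an Aho-Corasick automaton over its 2-bit slice, the slice width, the group size, and the names `build_machine`, `compile_rules`, `scan`, `RULES` and `PAYLOAD` are assumptions of this example; the rules and payload are constructed samples.

```python
from collections import deque

SHIFTS = (0, 2, 4, 6)  # assumption: four machines per group, two bits of each byte apiece

def build_machine(symbol_strings):
    """Aho-Corasick DFA over 2-bit symbols: delta[state][sym], out[state] = rule ids."""
    trie, out = [{}], [set()]
    for rid, syms in enumerate(symbol_strings):
        s = 0
        for c in syms:
            if c not in trie[s]:
                trie[s][c] = len(trie)
                trie.append({})
                out.append(set())
            s = trie[s][c]
        out[s].add(rid)
    delta, fail, queue = [[0] * 4 for _ in trie], [0] * len(trie), deque([0])
    while queue:  # breadth-first, so the failure target's row is already complete
        s = queue.popleft()
        out[s] |= out[fail[s]]  # inherit rules that end at the failure target
        for c in range(4):
            back = delta[fail[s]][c] if s else 0
            t = delta[s][c] = trie[s].get(c, back)
            if c in trie[s]:
                fail[t] = back
                queue.append(t)
    return delta, out

def compile_rules(rules, group_size=2):
    """Partition rules into groups; each group gets one machine per 2-bit slice."""
    def machines(part):
        return [build_machine([[(b >> sh) & 3 for b in r] for r in part]) for sh in SHIFTS]
    return [(base, machines(rules[base:base + group_size]))
            for base in range(0, len(rules), group_size)]

def scan(groups, data):
    """Return sorted (end_offset, rule_index); a hit needs all four slices to agree."""
    hits = []
    for base, machines in groups:
        states = [0, 0, 0, 0]
        for pos, byte in enumerate(data):
            states = [m[0][st][(byte >> sh) & 3]
                      for st, m, sh in zip(states, machines, SHIFTS)]
            agreed = set.intersection(*(m[1][st] for st, m in zip(states, machines)))
            hits += [(pos, base + rid) for rid in agreed]
    return sorted(hits)

RULES = [b"/etc/passwd", b"cmd.exe", b"passwd", b".exe"]  # constructed sample rules
PAYLOAD = b"GET /etc/passwd HTTP/1.0"                      # constructed sample payload
```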