Title :
A Reconfigurable Multi-Byte Regular-Expression Matching Architecture for Signature-Based Intrusion Detection
Author :
Badran, Tamer F. ; Ahmad, Hany H. ; Abdelgawad, Mohamad
Author_Institution :
Electr. Eng. Dept. Fac. of Eng., Assiut Univ., Assiut
Abstract :
String/regular-expression matching is widely used in different applications. Our work is concerned with high-throughput regular-expression matching in the context of intrusion detection systems as it is the most computationally intensive part of the operation. The results, however, should be equally applicable to other domains that require fast regular-expression matching. The major contribution of this paper is a reconfigurable architecture that performs regular-expression matching on a multi-byte per clock cycle basis. We are able to explore the system performance for different byte-processing rates - from 4 to 64 - by automating the VHDL-generation process and implementing the resulting circuits on a general- purpose FPGA. Theoretical expressions for resource usage (cost) as a function of byte-rate and pattern-length are also presented.
Keywords :
digital signatures; field programmable gate arrays; hardware description languages; reconfigurable architectures; security of data; string matching; FPGA; VHDL-generation process; byte processing; reconfigurable architecture; regular-expression matching; signature-based intrusion detection; string-expression matching; Circuits; Clocks; Computer architecture; Computer networks; Field programmable gate arrays; Hardware; Intrusion detection; Reconfigurable architectures; System performance; Throughput; Exact-Pattern Matching; Intrusion Detection; Reconfigurable Architecture; Regular-Expression Matching;
Conference_Titel :
Information and Communication Technologies: From Theory to Applications, 2008. ICTTA 2008. 3rd International Conference on
Conference_Location :
Damascus
Print_ISBN :
978-1-4244-1751-3
Electronic_ISBN :
978-1-4244-1752-0
DOI :
10.1109/ICTTA.2008.4530280
