A pattern matching coprocessor for deep and large signature set in network security system

Author

Wu, Chih-Chiang ; Wen, Sung-Hua ; Huang, Nen-Fu ; Kao, Chia-Nan

Author_Institution

Comput. & Commun. Res. Center, Nat. Tsing Hua Univ., Hsinchu, Taiwan

Volume

3

fYear

2005

fDate

28 Nov.-2 Dec. 2005

Abstract

As the network is growing fast and the viruses are spreading around the network more frequently, network intrusion prevention system (NIPS) is becoming more and more important. The traditional way for intrusion prevention is done by pure software solution with high performance CPU. However, this method is out of date, when gigabit network is booming and the high performance throughput is required. In recent years, the programmable hardware solutions have been proposed but they cannot deal with deep and large amount of pattern matching and are lack of flexibility when signatures are growing up. In this paper, we propose a novel pattern-matching coprocessor that overcomes the difficulties in TCAM implementation when pattern length is deep and signature set is large. Since patterns are all stored in TCAM, it is a scalable and flexible system.

Keywords

computer networks; coprocessors; pattern matching; security of data; telecommunication security; gigabit network; network intrusion prevention system; network security system; pattern matching coprocessor; programmable hardware solutions; signature set; ternary content addressable memory; Communication system security; Computer viruses; Coprocessors; Field programmable gate arrays; Hardware; Intelligent networks; Intrusion detection; National security; Pattern matching; Throughput;

fLanguage

English

Publisher

ieee

Conference_Titel

Global Telecommunications Conference, 2005. GLOBECOM '05. IEEE

Print_ISBN

0-7803-9414-3

Type

conf

DOI

10.1109/GLOCOM.2005.1577957

Filename

1577957