Title :
Flow-aware Cross Packet Inspection using Bloom Filters for High Speed Data-path Content Matching
Author_Institution :
High-End Syst. BU, Juniper Networks India Private Ltd., Bangalore
Abstract :
Content matching based algorithms form the core of many network security devices. It is one of the critical components due to the fact that it allows making decisions based on the actual content flowing through the network. The most important parameters that go into the design of a content matching algorithm are its performance and accuracy of detection. Although this topic had received significant attention in literature over past decade, much of the work was focused on improving the performance. The accuracy of detection was limited within a packet instance. Protocols like TCP do not guarantee that message boundaries are preserved. This can result in a segmented pattern across packets. This paper demonstrates a novel flow-aware content matching algorithm that solves this limitation without compromising the performance.
Keywords :
computer network management; pattern matching; security of data; telecommunication security; bloom filters; flow aware cross packet inspection; high speed data path content matching; network security devices; Computer crime; Computer networks; Data flow computing; Data security; IP networks; Inspection; Matched filters; Pattern matching; Payloads; Protocols;
Conference_Titel :
Advance Computing Conference, 2009. IACC 2009. IEEE International
Conference_Location :
Patiala
Print_ISBN :
978-1-4244-2927-1
Electronic_ISBN :
978-1-4244-2928-8
DOI :
10.1109/IADCC.2009.4809191
