One Algorithm to Match Them All: On a Generic NIPS Pattern Matching Algorithm

Author

Weinsberg, Yaron ; Tzur-David, Shimrit ; Dolev, Danny ; Anker, Tal

Author_Institution

Hebrew Univ. Of Jerusalem, Jerusalem

fYear

2007

fDate

May 30 2007-June 1 2007

Firstpage

1

Lastpage

6

Abstract

Today´s network intrusion prevention systems (NIPS) provide an important defense mechanism against security threats. The detection of network attacks utilizes a highspeed pattern matching algorithm that can be implemented in either hardware or software. Adapting a software-based pattern matching algorithm to hardware-based device is a complicated task. This paper presents a cost effective multi-pattern matching algorithm based on Field Programmable Gate Arrays (FPGAs) and standard RAM. The algorithm achieves line-rate speed, which is several orders of magnitude faster than the current state of the art, while attaining similar accuracy of detection. The algorithm can be easily adapted to operate in hardware-based NIPS and attain even higher speed by utilizing a TCAM memory.

Keywords

field programmable gate arrays; pattern matching; random-access storage; security of data; telecommunication security; RAM; field programmable gate array; multipattern matching algorithm; network intrusion prevention system; random access storage; software-based pattern matching; Costs; Engines; Field programmable gate arrays; Hardware; Home appliances; Pattern matching; Random access memory; Read-write memory; Software algorithms; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

High Performance Switching and Routing, 2007. HPSR '07. Workshop on

Conference_Location

Brooklyn, NY

Print_ISBN

1-4244-1206-4

Electronic_ISBN

1-4244-1206-4

Type

conf

DOI

10.1109/HPSR.2007.4281234

Filename

4281234