High-speed string matching for network intrusion detection. (4th August 2009)
- Record Type:
- Journal Article
- Title:
- High-speed string matching for network intrusion detection. (4th August 2009)
- Main Title:
- High-speed string matching for network intrusion detection
- Authors:
- Soewito, Benfano
Mahajan, Atul
Weng, Ning
Wang, Haibo - Abstract:
- Intrusion detection systems are promising techniques to improve internet security. A daunting challenge in the design of internet intrusion detection systems is how to perform high-speed string matching operations. This paper presents a string matching architecture, consisting of software based classifiers and hardware based verifiers. Based on incoming packet contents, the packet classifiers can dramatically reduce the number of strings to be matched and accordingly, feed the packet to a proper verifier to conduct matching. The paper presents the proposed classifier architecture and discusses the trade-offs in the classifier design. In addition, techniques, including multi-threading FSM, high-speed FSM interface circuits and interconnects for high-speed verifier implementation on FPGA platforms are discussed. Experimental results are presented to explore the trade-offs between system performance, strings partition granularity and hardware resource cost.
- Is Part Of:
- International journal of communication networks and distributed systems. Volume 3:Number 4(2009)
- Journal:
- International journal of communication networks and distributed systems
- Issue:
- Volume 3:Number 4(2009)
- Issue Display:
- Volume 3, Issue 4 (2009)
- Year:
- 2009
- Volume:
- 3
- Issue:
- 4
- Issue Sort Value:
- 2009-0003-0004-0000
- Page Start:
- 319
- Page End:
- 339
- Publication Date:
- 2009-08-04
- Subjects:
- FPGA -- string matching -- network intrusion detection systems -- NIDS -- internet security -- packet classifiers -- classifier design -- system performance -- string partition granularity -- hardware resource cost
Computer networks -- Periodicals
Telecommunication systems -- Periodicals
Electronic data processing -- Distributed processing -- Periodicals
004.6 - Journal URLs:
- http://www.inderscience.com/jhome.php?jcode=ijcnds ↗
http://www.inderscience.com/ ↗ - Languages:
- English
- ISSNs:
- 1754-3916
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 8423.xml