A high-throughput system architecture for deep packet filtering in network intrusion prevention

Dae Y. Kim, Sunil Kim, Lynn Choi, Hyogon Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Pattern matching is one of critical parts of Network Intrusion Prevention Systems (NIPS). Pattern matching hardware for NIPS should find a matching pattern at wire speed. However, that alone is not good enough. First, pattern matching hardware should be able to generate sufficient pattern match information including the pattern index number and the location of the match found at wire speed. Second, it should support pattern grouping to reduce unnecessary pattern matches. Third, it should show constant worst-case performance even if the number of patterns is increased. Finally it should be able to update patterns in a few minutes or seconds without stopping its operations. We modify Shift-OR hardware accelerator and propose a system architectures to meet the above requirement. Using Xilinx FPGA simulation, we show the new system scaled well to achieve a high speed over 10Gbps and satisfies all of the above requirements.

Original languageEnglish
Title of host publicationArchitecture of Computing Systems - ARCS 2006 - 19th International Conference, Proceedings
PublisherSpringer Verlag
Pages407-421
Number of pages15
ISBN (Print)3540327657, 9783540327653
DOIs
Publication statusPublished - 2006
Event19th International Conference on Architecture of Computing Systems, ARCS 2006 - Frankfurt, Main, Germany
Duration: 2006 Mar 132006 Mar 16

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3894 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other19th International Conference on Architecture of Computing Systems, ARCS 2006
CountryGermany
CityFrankfurt, Main
Period06/3/1306/3/16

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'A high-throughput system architecture for deep packet filtering in network intrusion prevention'. Together they form a unique fingerprint.

  • Cite this

    Kim, D. Y., Kim, S., Choi, L., & Kim, H. (2006). A high-throughput system architecture for deep packet filtering in network intrusion prevention. In Architecture of Computing Systems - ARCS 2006 - 19th International Conference, Proceedings (pp. 407-421). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3894 LNCS). Springer Verlag. https://doi.org/10.1007/11682127_29