One algorithm to match them all: On a generic NIPS pattern matching algorithm

Yaron Weinsberg*, Shimrit Tzur-David, Danny Dolev, Tal Anker

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

5 Scopus citations

Abstract

Today's Network Intrusion Prevention Systems (NIPS) provide an important defense mechanism against security threats. The detection of network attacks utilizes a high-speed pattern matching algorithm that can be implemented in either hardware or software. Adapting a software-based pattern matching algorithm to hardware-based device is a complicated task. This paper presents a cost effective multi-pattern matching algorithm based on Field Programmable Gate Arrays (FPGAs) and standard RAM. The algorithm achieves line-rate speed, which is several orders of magnitude faster than the current state of the art, while attaining similar accuracy of detection. The algorithm can be easily adapted to operate in hardware-based NIPS and attain even higher speed by utilizing a TCAM memory.

Original languageEnglish
Title of host publication2007 IEEE Workshop on High Performance Switching and Routing, HPSR
Pages252-257
Number of pages6
DOIs
StatePublished - 2007
Event2007 IEEE Workshop on High Performance Switching and Routing, HPSR - Brooklyn, NY, United States
Duration: 30 May 20071 Jun 2007

Publication series

Name2007 IEEE Workshop on High Performance Switching and Routing, HPSR

Conference

Conference2007 IEEE Workshop on High Performance Switching and Routing, HPSR
Country/TerritoryUnited States
CityBrooklyn, NY
Period30/05/071/06/07

Fingerprint

Dive into the research topics of 'One algorithm to match them all: On a generic NIPS pattern matching algorithm'. Together they form a unique fingerprint.

Cite this