A Hardware Architecture of Multibyte-based Regular Expression Pattern Matching for NIDS 


Vol. 34,  No. 1, pp. 47-55, Jan.  2009


PDF
  Abstract

In recent network intrusion detection systems, regular expressions are used to represent malicious packets. In order to process incoming packets through high speed networks in real time, we should perform hardware-based pattern matching using the configurable device such as FPGAs. However, operating speed of FPGAs is slower than giga-bit speed network and so, multi-byte processing per clock cycle may be needed. In this paper, we propose a hardware architecture of multi-byte based regular expression pattern matching and implement the pattern matching circuit generator. The throughput improvements in four-byte based pattern matching circuit synthesized in FPGA for several Snort rules are 2.62~3.4 times.

  Statistics
Cumulative Counts from November, 2022
Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.


  Cite this article

[IEEE Style]

S. Yun and K. Lee, "A Hardware Architecture of Multibyte-based Regular Expression Pattern Matching for NIDS," The Journal of Korean Institute of Communications and Information Sciences, vol. 34, no. 1, pp. 47-55, 2009. DOI: .

[ACM Style]

SangKyun Yun and KyuHee Lee. 2009. A Hardware Architecture of Multibyte-based Regular Expression Pattern Matching for NIDS. The Journal of Korean Institute of Communications and Information Sciences, 34, 1, (2009), 47-55. DOI: .

[KICS Style]

SangKyun Yun and KyuHee Lee, "A Hardware Architecture of Multibyte-based Regular Expression Pattern Matching for NIDS," The Journal of Korean Institute of Communications and Information Sciences, vol. 34, no. 1, pp. 47-55, 1. 2009.

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)






pISSN : 1226 - 4717
eISSN : 2287 - 3880