Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2009.16C.5.583

Efficient Regular Expression Matching Using FPGA  

Lee, Jang-Haeng (조지아공대 컴퓨터공학과)
Lee, Seong-Won (광운대학교 컴퓨터공학과)
Park, Neung-Soo (건국대학교 컴퓨터공학부)
Publication Information
The KIPS Transactions:PartC / v.16C, no.5, 2009 , pp. 583-588 More about this Journal
Abstract
Network intrusion detection system (NIDS) monitors all incoming packets in the network and detects packets that are malicious to internal system. The NIDS should also have ability to update detection rules because new attack patterns are unpredictable. Incorporating FPGAs into the NIDS is one of the best solutions that can provide both high performance and high flexibility comparing with other approaches such as software solutions. In this paper we propose and design a novel approach, prefix sharing parallel pattern matcher, that can not only minimize additional resources but also maximize the processing performance. Experimental results showed that the throughput for 16-bit input is twice larger than for 8-bit input but the used LEs/Char in FPGA increases only 1.07 times.
Keywords
NIDS; Regular Expression; FPGA; String Matching;
Citations & Related Records
연도 인용수 순위
  • Reference
1 James Moscola, John Lockwood, Ronald P. Loui, and Michae Pachos, Implementation of a Content-Scanning Module for an Internet Firewall, In Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machine, Apr., 2003.
2 Christopher R. Clark and David E. Schimmel, Design of Efficient FPGA Circuits for Matching Complex Patterns in Network Intrusion Detection Systems. In Proceedings of the 13th International Conference on Field Programmable Logic and Applications, June, 2003.
3 Ioannis Sourdis and Dionisios Pnevmatikatos, Pre-decoded CAMs for Efficient and High-Speed NIDS Pattern Matching, In Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines, pp. 258-267, April, 2004
4 Y.Cho and W. Mangione-Smith, Deep Packet Filter with Dedicated Logic and Read Only Memories, In Proceedings of the 12th Annual IEEE Symposiumon Field-Programmable Custom Computing Machines, Apr., 2004.   DOI
5 Martin Roesch and Chris Green, Snort User's Manual. http://www.snort.org/docs/writing_rules
6 R. Sidhu and V.K. Prasanna, Fast Regular Expression Matching using FPGA, In Proceedings of IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM'01), Apr., 2001
7 Christopher R. Clark and David E. Schimmel, Scalable Pattern Matching for High Speed Networks, In Proceedings of the 12th Annual IEEE Symposiumon Field-Programmable Custom Computing Machines, Apr., .2004.   DOI