NDLI: A High Throughput String Matching Architecture for Intrusion Detection and Prevention

Please wait, while we are loading the content...

A High Throughput String Matching Architecture for Intrusion Detection and Prevention

Content Provider	Semantic Scholar
Author	Sherwood, Lin Tan Timothy
Abstract	NetworkIntrusionDetectionandPreventionSystemshave emerged as oneof the mosteffectivewaysof providing security to thoseconnectedto thenetwork,andat theheartof almostevery modernintrusion detectionsystemis a string matching algorithm. Stringmatching is oneof themostcritical elementsbecauseit allows for the systemto make decisionsbasednot just on the header s, but the actual content owing through the network. Unfortunately, checking every byteof every packet to seeif it matchesoneof a setof ten thousandstringsbecomesa computationallyintensivetaskas networkspeedsgrow into the tens,andeventuallyhundreds, of gigabits/second. To keepup with thesespeedsa specializeddevice is required, one that can maintain tight boundson worst case performance, that canbeupdatedwith new ruleswithout interrupting operation, and one that is ef cient enoughthat it couldbe includedonchip with existingnetworkchipsor even into wirelessdevices. We havedevelopedan approach that relieson a specialpurposearchitecture that executesnovel stringmatchingalgorithmsspeciallyoptimizedfor implementation in our design.Weshowhowtheproblemcanbesolved by converting the large databaseof strings into many tiny statemachines,each of which searchesfor a portion of the rulesanda portionof thebitsof each rule. Throughthecareful co-designandoptimizationof our architecturewith a new stringmatchingalgorithmweshowthat it is possibleto build a systemthat is 10 timesmoreef cient thanthecurrentlybest knownapproaches.
File Format	PDF HTM / HTML
Alternate Webpage(s)	https://web.archive.org/web/20080724170227/http://opera.cs.uiuc.edu/~lintan2/publications/strarch_isca05.pdf
Language	English
Access Restriction	Open
Content Type	Text
Resource Type	Article

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in