Ιδρυματικό Αποθετήριο
Πολυτεχνείο Κρήτης
Πολυτεχνείο Κρήτης
EN
|
EL
| URI | http://purl.tuc.gr/dl/dias/C6C06D61-B760-4357-B36D-BF1974B21093 | - |
| Αναγνωριστικό | https://doi.org/10.1007/978-3-540-45234-8_85 | - |
| Γλώσσα | en | - |
| Μέγεθος | 10 pages | en |
| Τίτλος | Fast, large-scale string match for a 10Gbps FPGA-based network intrusion Detection system | en |
| Δημιουργός | Pnevmatikatos Dionysios | en |
| Δημιουργός | Πνευματικατος Διονυσιος | el |
| Δημιουργός | Ioannis Sourdis | en |
| Εκδότης | Springer Verlag | en |
| Περίληψη | Intrusion Detection Systems such as Snort scan incoming packets for evidence of security threats. The most computation-intensive part of these systems is a text search against hundreds of patterns, and must be performed at wire-speed. FPGAs are particularly well suited for this task and several such systems have been proposed. In this paper we expand on previous work, in order to achieve and exceed a processing bandwidth of 11Gbps. We employ a scalable, low-latency architecture, and use extensive fine-grain pipelining to tackle the fan-out, match, and encode bottlenecks and achieve operating frequencies in excess of 340MHz for fast Virtex devices. To increase throughput, we use multiple comparators and allow for parallel matching of multiple search strings. We evaluate the area and latency cost of our approach and find that the match cost per search pattern character is between 4 and 5 logic cells. | en |
| Τύπος | Πλήρης Δημοσίευση σε Συνέδριο | el |
| Τύπος | Conference Full Paper | en |
| Άδεια Χρήσης | http://creativecommons.org/licenses/by/4.0/ | en |
| Ημερομηνία | 2015-10-19 | - |
| Ημερομηνία Δημοσίευσης | 2003 | - |
| Θεματική Κατηγορία | Monitoring of computer networks | en |
| Θεματική Κατηγορία | Network monitoring (Computer networks) | en |
| Θεματική Κατηγορία | computer networks monitoring | en |
| Θεματική Κατηγορία | monitoring of computer networks | en |
| Θεματική Κατηγορία | network monitoring computer networks | en |
| Βιβλιογραφική Αναφορά | I. Sourdis , D. Pnevmatikatos," Fast, large-scale string match for a 10Gbps FPGA-based network intrusion detection system,"in 13th Intern. Conf. on Field Progr. Logic and Appl. ,pp.880-889.doi:10.1007/978-3-540-45234-8_85 | en |
Copyright © DIAS 2013
