Title :
Highly Memory-Efficient LogLog Hash for Deep Packet Inspection
Author :
Bando, Masanori ; Artan, N. Sertac ; Chao, H. Jonathan
Abstract :
Today´s network line rates reach speeds of 40 Gbps and are anticipated to reach 100 Gbps in the near future. These high speeds make Deep Packet Inspection (DPI) in Network Intrusion Detection and Prevention Systems (NIDPSs) very challenging. The DPI examines each incoming packet byte-by- byte and matches them against a set of predefined malicious signatures. One way to achieve high-speed DPI is to store all the signatures on high-speed on-chip memory. However, on-chip memory is limited and space-efficient data structures are needed to leverage precious on-chip memory efficiently. A hash table addressed by a Minimal Perfect Hash Function (MPHF) is such a high-speed, space efficient data structure. In this paper, we describe a highly memory-efficient MPHF, which requires 3.5 bits per key to facilitate access to the key in on-chip memory while allowing us to perform the expensive exact match operation only once. The proposed MPHF also has a low construction time.
Keywords :
Internet; cryptography; data structures; digital signatures; storage management; telecommunication security; data structure; deep packet inspection; high-speed on-chip memory; malicious signature; memory-efficient LogLog hash function; minimal perfect hash function; network intrusion detection-prevention system; Chaos; Computer viruses; Computer worms; Costs; Data structures; Field programmable gate arrays; IP networks; Inspection; Intrusion detection; Web and internet services;
Conference_Titel :
Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE
Conference_Location :
New Orleans, LO
Print_ISBN :
978-1-4244-2324-8
DOI :
10.1109/GLOCOM.2008.ECP.391
