Title :
Implementation of a content-scanning module for an Internet firewall
Author :
Moscola, James ; Lockwood, John ; Loui, Ronald P. ; Pachos, Michael
Author_Institution :
Dept. of Comput. Sci. & Eng., Washington Univ., St. Louis, MO, USA
Abstract :
A module has been implemented in Field Programmable Gate Array (FPGA) hardware that scans the content of Internet packets at Gigabits/second rates. All of the packet processing operations are performed using reconfigurable hardware within a single Xilinx Virtex XCV2000E FPGA. A set of layered protocol wrappers is used to parse the headers and payloads of packets for Internet protocol data. A content matching server automatically generates the Finite State Machines (FSMs) to search for regular expressions. The complete system is operated on the Field-programmable Port Extender (FPX) platform.
Keywords :
Internet; access protocols; authorisation; computer networks; field programmable gate arrays; finite state machines; FPX; FSM; Field-programmable Port Extender; Internet protocol; Xilinx Virtex XCV2000E FPGA; content matching; content-scanning module; field programmable gate array; finite state machine; firewall; layered protocol wrapper; packet processing; reconfigurable hardware; Automata; Computer science; Field programmable gate arrays; Hardware; Internet; Intrusion detection; Network servers; Payloads; Protocols; Web server;
Conference_Titel :
Field-Programmable Custom Computing Machines, 2003. FCCM 2003. 11th Annual IEEE Symposium on
Print_ISBN :
0-7695-1979-2
DOI :
10.1109/FPGA.2003.1227239
