Title :
Hardware accelerated pattern matching based on Deterministic Finite Automata with perfect hashing
Author :
Kastil, Jan ; Korenek, Jan
Author_Institution :
Fac. of Inf. Technol., Brno Univ. of Technol., Brno, Czech Republic
Abstract :
With the increased amount of data transferred by computer networks, the amount of the malicious traffic also increases and therefore it is necessary to protect networks by security systems such as firewalls and Intrusion Detection Systems (IDS) operating at multigigabit speeds. Pattern matching is the time critical operation of current IDS. This paper deals with the analysis of regular expressions used by modern IDS to describe malicious traffic. According to our analysis, more than 64 percent of regular expressions create Deterministic Finite Automaton (DFA) with less than 20 percent of saturation of the transition table which allows efficient implementation of pattern matching into FPGA platform. We propose architecture for fast pattern matching using perfect hashing suitable for implementation into FPGA platform. The memory requirements of presented architecture is closed to the theoretical minimum for sparse transition tables.
Keywords :
computer network security; field programmable gate arrays; file organisation; finite automata; pattern matching; FPGA platform; IDS; computer networks; deterministic finite automata; firewalls; hardware accelerated pattern matching; intrusion detection systems; malicious traffic; perfect hashing; security systems; sparse transition tables; Acceleration; Automata; Computer networks; Computer security; Field programmable gate arrays; Hardware; Intrusion detection; Pattern matching; Protection; Telecommunication traffic; Deterministic Finite Automata; Inrusion Detection; Perfect hashing; hardware acceleration;
Conference_Titel :
Design and Diagnostics of Electronic Circuits and Systems (DDECS), 2010 IEEE 13th International Symposium on
Conference_Location :
Vienna
Print_ISBN :
978-1-4244-6612-2
DOI :
10.1109/DDECS.2010.5491796
