DocumentCode :
464831
Title :
Hardware Architecture of a Parallel Pattern Matching Engine
Author :
Yadav, Meeta ; Venkatachaliah, Ashwini ; Franzon, Paul D.
Author_Institution :
Dept. of Electr. & Comput. Eng., North Carolina State Univ., Raleigh, NC
fYear :
2007
fDate :
27-30 May 2007
Firstpage :
1369
Lastpage :
1372
Abstract :
Several network security and QoS applications require detecting multiple string matches in the packet payload by comparing it against predefined pattern set. This process of pattern matching at line speeds is a memory and computation intensive task. Hence, it requires dedicated hardware algorithms. This paper describes the hardware architecture of a parallel, pipelined pattern matching engine that uses trie based pattern matching algorithmic approach. The algorithm optimizes pattern matching process through two key innovations of parallel pattern matching using incoming content filter and multiple character matching using trie pruning. The hardware implementation is capable of performing at line-speeds and handle traffic rates up to OC-192, the underlying architecture allows for multiple patterns to be detected and for the system to gracefully recover from a failed partial match, the throughput of the system does not degrade with the increase in the number of patterns or the length of the patterns to be matched. The solution described outperforms most current implementations in terms of speed and memory requirement and outperforms TCAM based solutions in terms of power consumption, area, and cost while remaining competitive in terms of throughput and update times. The complete Snort rule set (2005 release) and VoIP RFC were used to validate our performance and achieve a throughput of 12Gbps with 6KBytes of content filter memory and 0.3 MBytes of total memory for Snort and 0.5KBytes of filter memory and 12KBytes of total memory for SIP.
Keywords :
coprocessors; data communication; digital circuits; logic circuits; parallel processing; quality of service; string matching; telecommunication security; 0.3 MBytes; 0.5 Mbyte; 12 Gbit/s; 12 kBytes; 6 kBytes; OC-192; QoS applications; Snort rule set; VoIP RFC; hardware algorithms; multiple character matching; multiple string matches; network security; parallel pattern matching engine; parallel pipelined pattern matching engine; trie based pattern matching; trie pruning; Computer architecture; Degradation; Energy consumption; Engines; Hardware; Matched filters; Pattern matching; Payloads; Technological innovation; Throughput;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Circuits and Systems, 2007. ISCAS 2007. IEEE International Symposium on
Conference_Location :
New Orleans, LA
Print_ISBN :
1-4244-0920-9
Electronic_ISBN :
1-4244-0921-7
Type :
conf
DOI :
10.1109/ISCAS.2007.378482
Filename :
4252902
Link To Document :
بازگشت