Intrusive detection system implementation using deep packet inspection

One of the most common techniques to detect a network attack is to compare each incoming packet with pre-defined attack patterns. Scalability to network traffic and easy updating of new attack patterns are mandatory requirements needed to perform this comparison. The simplest way to implement such system is using the memory-based deterministic finite automata, but their storage requirement is growing exponentially with the number of patterns. Another issue is the computation time in order to detect the attack in real time. This work has the goal to propose an efficient deep packet inspection (DPI) algorithm and to analyze its efficiently implementation using a specialized hardware circuit and the GPU CUDA (Computer Unified Device Architecture) enabled boards existing in the personal computers. The following tasks have been analyzed: the parallelization of the pattern matching algorithm and the optimization of C code written for Nvidia compiler to obtain the best performance. A comparison of processing speed of implementation methods is illustrated.