Referenced Items are not available for this document.
String pattern matching is a computationally expensive task, and when implemented in hardware, it can consume a large amount of resources for processing and storage. This paper presents a novel technique, based on a tree-based content addressable memory structure, for a pattern matching engine for use in a hardware-based network intrusion detection system. This technique involves hardware sharing at bit level in order to exploit powerful logic optimisations for multiple strings represented as a boolean expression. Our approach has been used to implement the entire SNORT rule set with around 12% of the area on a Xilinx XC2V80O0 FPGA. The design can run at a rate of approximately 2.5 Gigabits per second, and is approximately 30% smaller in area when compared with published results. The performance of our design can be improved further by having multiple designs operating in parallel.
Published in:
Field Programmable Logic and Applications, 2005. International Conference on
Date of Conference: 24-26 Aug. 2005
- Page(s):
- 444 - 449
- Print ISBN:
- 0-7803-9362-7
- INSPEC Accession Number:
- 8813957
- Digital Object Identifier :
- 10.1109/FPL.2005.1515762
- Product Type:
- Conference Publications
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
