Skip to Main Content
Network intrusion detection systems (NIDS) are more and more important for identifying and preventing the malicious attacks over the network. This paper proposes a novel cost-effective high speed pattern matching algorithm (named MSH) for NIDS. By applying the characteristics of magic states, a new observation from the deterministic finite state automata (DFA), the proposed MSH constructs a tiny data structure which can be stored into the on-chip memory of modern cost effective FPGA. Prototype and experimental results show the overall efficiency of the proposed MSH is at least 7 times faster than that of the baseline model. The MSH enables the design of cost effective FPGA-based accelerator to furnish over 1 Gbps throughput. It can also be scaled to multi-gigabit and realized on various silicon implementations.