Hardware Accelerated Pattern Matching Based on Deterministic Finite Automata with Perfect Hashing

článek ve sborníku mimo WoS a Scopus

angličtina

With the increased amount of data transferred by computer networks, the amount of the malicious traffic also increases and therefore it is necessary to protect networks by security systems such as firewalls and Intrusion Detection Systems (IDS) operating at multigigabit speeds. Pattern matching is the time critical operation of current IDS. This paper deals with the analysis of regular expressions used by modern IDS to describe malicious traffic. According to our analysis, more than 64 percent of regular expressions create Deterministic Finite Automaton (DFA) with less than 20 percent of saturation of the transition table which allows efficient implementation of pattern matching into FPGA platform. We propose architecture for fast pattern matching using perfect hashing suitable for implementation into FPGA platform. The memory requirements of presented architecture is closed to the theoretical minimum for sparse transition tables.

Intrusion Detection, Perfect Hashing,hardware acceleration, Deterministic Finite Automata

KAŠTIL, J.; KOŘENEK, J.

2010

19. 4. 2010

IEEE Computer Society

Vienna

978-1-4244-6610-8

Proceedings of the 13th IEEE International Symposium on Design and Diagnostics of Electronic Circuits and Systems DDECS 2010

149

152

4

https://www.fit.vut.cz/research/publication/9200/