GDPI: Signature based Deep Packet Inspection using GPUs

Nausheen Shoaib, Jawwad Shamsi, Tahir Mustafa, Akhter Zaman, Jazib ul, Mishal Gohar
2017 International Journal of Advanced Computer Science and Applications  
Deep Packet Inspection (DPI) is necessitated for many networked application systems in order to prevent from cyber threats. The signature based Network Intrusion and Detection System (NIDS) works on packet inspection and pattern matching mechanisms for the detection of malicious content in network traffic. The rapid growth of high speed networks in data centers demand an efficient high speed packet processing mechanism which is also capable of malicious packets detection. In this paper, we
more » ... sed a framework GDPI for efficient packet processing which inspects all incoming packet's payload with known signature patterns, commonly available is Snort. The framework is developed using enhanced GPU programming techniques, such as asynchronous packet processing using streams, minimizing CPU to GPU latency using pinned memory and zero copy, and memory coalescing with shared memory which reduces read operation from global memory of the GPU. The overall performance of GDPI is tested on heterogeneous NVIDIA GPUs, like Tegra Tk1, GTX 780, and Tesla K40 and observed that the highest throughput is achieved with Tesla K40. The design code of GDPI is made available for research community.
doi:10.14569/ijacsa.2017.081128 fatcat:hrzim6u7efaedjvinb3luumfqe