Design and Evaluation of Parallel String Matching Algorithms for Network Intrusion Detection Systems [chapter]

Tyrone Tai-On Kwok, Yu-Kwong Kwok
2007 Lecture Notes in Computer Science  
Network security is very important for Internet-connected hosts because of the widespread of worms, viruses, DoS attacks, etc. As a result, a network intrusion detection system (NIDS) is typically needed to detect network attacks by packet inspection. For an NIDS system, string matching is the computation-intensive task and hence the performance bottleneck, since every byte of the payload of packets must be checked against numerous predefined signature strings, which may occur arbitrarily in
more » ... payload. In this paper, we present the design and evaluation of parallel string matching algorithms targeting hardware implementation on FPGAs and software implementation on multi-core processors. Experimental results show that, on a multi-processor system, the multi-threaded implementation of the proposed parallel string matching algorithm can reduce string matching time by more than 40%.
doi:10.1007/978-3-540-74784-0_35 fatcat:2epumeo3ovab5n4hmrnxotl46e