Internet Archive Scholar

Bitwise optimised cam for network intrusion detection systems

S. Yusuf, W. Luk
International Conference on Field Programmable Logic and Applications, 2005.  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (80.7 kB)
https://web.archive.org/web/20170809075423/http://www.diadem-firewall.org/publications/fpl05.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.

String pattern matching is a computationally expensive task, and when implemented in hardware, it can consume a large amount of resources for processing and storage. This paper presents a novel technique, based on a tree-based content addressable memory structure, for a pattern matching engine for use in a hardware-based network intrusion detection system. This technique involves hardware sharing at bit level in order to exploit powerful logic optimisations for multiple strings represented as a
more » ... boolean expression. Our approach has been used to implement the entire SNORT rule set with around 12% of the area on a Xilinx XC2V8000 FPGA. The design can run at a rate of approximately 2.5 Gigabits per second, and is approximately 30% smaller in area when compared with published results. The performance of our design can be improved further by having multiple designs operating in parallel.
doi:10.1109/fpl.2005.1515762 dblp:conf/fpl/YusufL05 fatcat:f4frrpm7pfdxzfnwtqcy6n7ncq
Citation

S. Yusuf, W. Luk. "Bitwise optimised cam for network intrusion detection systems." International Conference on Field Programmable Logic and Applications, 2005. 444-449