|
Published Articles >> Table of Contents >> Abstract
International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 1
p. 97
A Fast Pattern-Match Engine for Network Processor-based Network Intrusion Detection System
Rong-Tai Liu, National Tsing Hua University, Taiwan
Nen-Fu Huang, National Tsing Hua University, Taiwan
Chia-Nan Kao, National Tsing Hua University, Taiwan
Chih-Hao Chen, National Tsing Hua University, Taiwan
Chi-Chieh Chou, National Tsing Hua University, Taiwan
Full Article Text:
  
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ITCC.2004.1286432
Send link to a friend
| Abstract |
|
Network Intrusion Detection Systems (NIDS) are one
of the latest developments in security. The matching of
packet strings against collected signatures dominates
signature-based NIDS performance. This work presents
FNP2, an efficient pattern-matching engine designed for
Network Processor platform which conducts matching
sets of patterns in parallel. This work shows that
combining our string matching methodology, hashing
engine supported by most Network Processors, and
characteristics of current Snort signatures frequently
improves performance and reduces number of memory
accesses compared to current NIDS pattern matching
algorithms. Another contribution is to highlight that,
besides total number of searching patterns, shortest
pattern length is also a major influence on NIDS multi-pattern
matching algorithm performance.
|
 Additional Information
|
Citation:
Rong-Tai Liu, Nen-Fu Huang, Chia-Nan Kao, Chih-Hao Chen, Chi-Chieh Chou,
"A Fast Pattern-Match Engine for Network Processor-based Network Intrusion Detection System,"
itcc,
p. 97,
International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 1,
2004
|
|
