A Reconfigurable Multi-Byte Regular-Expression Matching Architecture for Signature-Based Intrusion Detection
Damascus(2008)
Abstract
String/regular-expression matching is widely used in different applications. Our work is concerned with high-throughput regular-expression matching in the context of intrusion detection systems as it is the most computationally intensive part of the operation. The results, however, should be equally applicable to other domains that require fast regular-expression matching. The major contribution of this paper is a reconfigurable architecture that performs regular-expression matching on a multi-byte per clock cycle basis. We are able to explore the system performance for different byte-processing rates - from 4 to 64 - by automating the VHDL-generation process and implementing the resulting circuits on a general- purpose FPGA. Theoretical expressions for resource usage (cost) as a function of byte-rate and pattern-length are also presented.
MoreTranslated text
Key words
digital signatures,field programmable gate arrays,hardware description languages,reconfigurable architectures,security of data,string matching,fpga,vhdl-generation process,byte processing,reconfigurable architecture,regular-expression matching,signature-based intrusion detection,string-expression matching,exact-pattern matching,intrusion detection,regular expression,system performance,throughput,pattern matching,hardware,computer networks,intrusion detection system,computer architecture,circuits,high throughput
AI Read Science
Must-Reading Tree
Example
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined