Efficient long signature matching for gigabit intrusion detection sensors

被引:0
|
作者
Zhang, Kenong [1 ]
Gao, Ming [2 ]
Lu, Jiahua [1 ]
Guan, Xiaohong [2 ]
机构
[1] Xi An Jiao Tong Univ, Sch Elect Engn, Xian 710049, Peoples R China
[2] Xi An Jiao Tong Univ, Syst Engn Inst, Xian 710049, Peoples R China
来源
PROCEEDINGS OF THE 2006 IEEE INTERNATIONAL CONFERENCE ON NETWORKING, SENSING AND CONTROL | 2006年
关键词
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Network Intrusion Detection Systems (NIDS) require the sensors to inspect the packet payloads at line rates. However, the software-only NIDS can not handle the large signature set with thousands of patterns of different lengths at line rates. Ternary content-addressable memories (TCAMs) have gained wide acceptance in the industry for storing and searching patterns in routers. But one important problem blocked the way to deploy TCAMs as deep package matching engines for NIDS: long patterns matching. A novel high speed long patterns matching architecture using cascade TCAMs for large signature set based NIDS is presented in this paper. Simple and efficient systems to handle tens of thousands of signatures with thousands of bytes length each can be built on such architecture. The matching system using for current SNORT signature set can work at the speeds greater than 2 Gbps.
引用
收藏
页码:953 / 956
页数:4
相关论文
共 50 条
  • [1] Efficient packet matching for gigabit network intrusion detection using TCAMs
    Gao, Ming
    Zhang, Kenong
    Lu, Jiahua
    20TH INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 1, PROCEEDINGS, 2006, : 249 - +
  • [2] Efficient Packet Pattern Matching for Gigabit Network Intrusion Detection using GPUs
    Hung, Che-Lun
    Wang, Hsiao-hsi
    Chang, Chin-Yuan
    Lin, Chun-Yuan
    2012 IEEE 14TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS & 2012 IEEE 9TH INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS (HPCC-ICESS), 2012, : 1612 - 1617
  • [3] A String Matching Based Intrusion Detection System for Gigabit Network
    Pan, Shuxia
    Sun, Wangjie
    Zheng, Zhigao
    Sun, Chang
    PROCEEDINGS OF 2010 ASIA-PACIFIC YOUTH CONFERENCE ON COMMUNICATION, VOLS 1 AND 2, 2010, : 79 - +
  • [4] Efficient Pattern Matching Algorithm for Intrusion Detection Systems
    Yang, Wenjun
    SENSORS, MECHATRONICS AND AUTOMATION, 2014, 511-512 : 1178 - 1184
  • [5] An Efficient Pattern Matching Algorithm for Intrusion Detection Systems
    Anithakumari, S.
    Chithraprasad, D.
    2009 IEEE INTERNATIONAL ADVANCE COMPUTING CONFERENCE, VOLS 1-3, 2009, : 223 - +
  • [6] Efficient Pattern Matching on GPUs for Intrusion Detection Systems
    Tumeo, Antonino
    Villa, Oreste
    Sciuto, Donatella
    PROCEEDINGS OF THE 2010 COMPUTING FRONTIERS CONFERENCE (CF 2010), 2010, : 87 - 88
  • [7] Research on Efficient Pattern Matching Algorithms in Intrusion Detection System
    Liu-xiaoxing
    Yu-ning
    2014 7TH INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTATION TECHNOLOGY AND AUTOMATION (ICICTA), 2014, : 509 - 512
  • [8] Efficient hardware support for pattern matching in network intrusion detection
    Guinde, Nitesh B.
    Ziavras, Sotirios G.
    COMPUTERS & SECURITY, 2010, 29 (07) : 756 - 769
  • [9] Multi-pattern signature matching for hardware Network Intrusion Detection Systems
    Song, HY
    Lockwood, JW
    GLOBECOM '05: IEEE Global Telecommunications Conference, Vols 1-6: DISCOVERY PAST AND FUTURE, 2005, : 1686 - 1690
  • [10] Energy-Efficient Intrusion Detection with a Barrier of Probabilistic Sensors
    Li, Junkun
    Chen, Jiming
    Lai, Ten H.
    2012 PROCEEDINGS IEEE INFOCOM, 2012, : 118 - 126
12345