Centralized Parallel form of Pattern Matching Algorithm in Packet Inspection by Efficient Utilization of Secondary Memory in Network Processor
Abstract
Keywords
Full Text:
PDFReferences
Snort, http://www.snort.org, 2008.
Antonatos, K.G. Anagnostakis, and E.P. Markatos,“Generating Realistic Workloads for Network Intrusion Detection Systems,”Proc. Fourth Int‟l ACM Workshop Software and Performance (WOSP),2004.
R.N. Horspool, “Practical Fast Searching in Strings,” Software Practice and Experience, vol. 10, no. 6, pp. 501-506, 1980.
A.V. Aho and M.J. Corasick, “Efficient String Matching: An Aid to Bibliographic Search,” Comm. ACM, vol. 18, no. 6, pp. 330-340,June 1975.
M. Fisk and G. Varghese, “Fast Content-Based Packet Handling for Intrusion Detection,” UCSD Technical Report CS2001-0670,May 2001.
O. Erdogan and P. Cao, “Hash-AV: Fast Virus Signature Scanning by Cache-Resident Filters,” Proc. IEEE Global Telecomm. Conf.(GLOBECOM ‟05), Nov. 2005.
S. Lakshmanamurthy, K.-Y. Liu, Y. Pun, L. Huston, and U. Naik,“Network Processor Performance Analysis Methodology,” Intel Technology J., vol. 6, Aug. 2002.
N. Tuck, T. Sherwood, B. Calder, and G. Varghese, “Deterministic Memory-Efficient String Matching Algorithms for Intrusion Detection,” Proc. IEEE INFOCOM ‟04, Mar. 2004.
T.-F. Sheu, N.-F. Huang, and H.-P. Lee, “A Novel Hierarchical Matching Algorithm for Intrusion Detection Systems,”Proc. IEEE Global Telecomm. Conf. (GLOBECOM ‟05), Nov. 2005.
S. Wu and U. Manber, “A Fast Algorithm for Multi-Pattern Searching,” Technical Report TR94-17, Dept. Computer Science,Univ. of Arizona, May 1994.
E. Markatos, S. Antonatos, M. Polychronakis, and K. Anagnostakis, “Exclusion-Based Signature Matching for Intrusion Detection,” Proc. IASTED Int‟l Conf. Comm. and Computer Networks (CCN ‟02), Oct. 2002.
R.-T. Liu, N.-F. Huang, C.-H. Chen, and C.-N. Kao, “A Fast String Matching Algorithm for Network Processor-Based Intrusion Detection System,” ACM Trans. Embedded Computing Systems,vol. 3, no. 3, Aug. 2004.
R.S. Boyer and J.S. Moor, “A Fast String Searching Algorithm,”Comm. ACM, vol. 20, no. 10, pp. 762-772, Oct. 1977.
T.-F. Sheu, N.-F. Huang, and H.-P. Lee, “A Time- and Memory-Efficient String Matching Algorithm for Intrusion Detection Systems,” Proc. IEEE Global Telecomm. Conf. (GLOBECOM ‟06),Nov. 2006.
C.J. Coit, S. Staniford, and J. McAlerney, “Towards Faster String Matching for Intrusion Detection or Exceeding the Speed of Snort,” Proc. Second DARPA Information Survivability Conf. and Exposition (DISCEX), 2001.
S. Antonatos, M. Polychronakis, P. Akritidis, K.G. Anagnostakis, and E.P. Markatos, “Piranha: Fast and Memory-Efficient Pattern Matching for Intrusion Detection,” Proc. 20th IFIP Int‟l Information Security Conf. (SEC ‟05), May 2005.
S. Li, J. Torresen, and O. Soraasen, “Exploiting Reconfigurable Hardware for Network Security,” Proc. 11th Ann. IEEE Symp. Field-Programmable Custom Computing Machines (FCCM),2003.
S. Kim and Y. Kim, “A Fast Multiple String-Pattern Matching Algorithm,” Proc. 17th AoM/IAoM Int‟l Conf. Computer Science,Aug. 1999.
S. Dharmapurikar, P. Krishnamurthy, T. Sproull, and J.Lockwood, “Deep Packet Inspection Using Parallel Bloom Filters,” Proc. 11th Symp. High Performance Interconnects, Aug.2003.
H. Lu, K. Zheng, B. Liu, X. Zhang, and Y. Liu, “A Memory-Efficient Parallel String Matching Architecture for High-Speed Intrusion Detection,” IEEE J. Selected Area in Comm., vol. 24, no. 10, Oct. 2006.
S. Dharmapurikar and J. Lockwood, “Fast and Scalable Pattern Matching for Network Intrusion Detection Systems,” IEEE J.Selected Area in Comm., vol. 24, no. 10, Oct. 2006.
Vitesse Network Processors, http://www.vitesse.com, 2008.
Intel Network Processors, http://www.intel.com/design/network/products/npfamily/index.htm, 2008.
C. Kruegel, F. Valeur, G. Vigna, and R. Kemmerer, “Stateful Intrusion Detection for High-Speed Networks,” Proc. IEEE Symp.Security and Privacy (SP ‟02), May 2002.
M. Handley, V. Paxson, and C. Kreibich, “Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics,” Proc. Ninth USENIX Security Symp., 2000.
C. Cowan, “Defcon Capture the Flag: Defending Vulnerable Code from Intense Attack,” Proc. DARPA Information Survivability Conf.and Exposition (DISCEX III ‟03), Apr. 2003.
Refbacks
- There are currently no refbacks.
This work is licensed under a Creative Commons Attribution 3.0 License.