ETRI Journal

Electronics and Telecommunications Research Institute (한국전자통신연구원)
권호 표지
DOI QR코드

DOI QR Code

A Hardware-Based String Matching Using State Transition Compression for Deep Packet Inspection

  • Kim, HyunJin (Department of Electronics and Electrical Engineering, Dankook University) ;
  • Lee, Seung-Woo (Communications Internet Research Laboratory, ETRI)
  • Received : 2012.04.21
  • Accepted : 2012.07.19
  • Published : 2013.02.01
Download PDF
⟨ Previous Next ⟩

Abstract

This letter proposes a memory-based parallel string matching engine using the compressed state transitions. In the finite-state machines of each string matcher, the pointers for representing the existence of state transitions are compressed. In addition, the bit fields for storing state transitions can be shared. Therefore, the total memory requirement can be minimized by reducing the memory size for storing state transitions.

Keywords

References

  1. A. Peravi and M.J. Rahimzadeh, "A Novel Scalable and Storage-Efficient Architecture for High Speed Exact String Matching," ETRI J., vol. 31, no. 5, Oct. 2009, pp. 545-553. https://doi.org/10.4218/etrij.09.0108.0353
  2. P.-C. Lin et al., "Using String Matching for Deep Packet Inspection," IEEE Computer, vol. 41, no. 4, 2008, pp. 23-28.
  3. A.V. Aho and M.J. Corasick, "Efficient String Matching: An Aid to Bibliographic Search," Commun. ACM, vol. 18, no. 6, 1975, pp. 333-340. https://doi.org/10.1145/360825.360855
  4. L. Tan, B. Brotherton, and T. Sherwood, "Bit-Split String-Matching Engines for Intrusion Detection and Prevention," ACM Trans. Architecture Code Optimization, vol. 3, no. 1, Mar. 2006, pp. 3-34. https://doi.org/10.1145/1132462.1132464
  5. P. Piyachon and Y. Luo, "Compact State Machines for High Performance Pattern Matching," Proc. IEEE Design Autom. Conf., 2007, pp. 493-496.
  6. C.-H. Lin, Y.-T. Tai, and S.-C. Chang, "Optimization of Pattern Matching Algorithm for Memory Based Architecture," Proc. 3rd ACM/IEEE Symp. Architecture Netw. Commun. Syst., 2007, pp. 11-16.
  7. H. Kim et al., "A Memory-Efficient Pattern Matching with Hardware Based Bit-Split String Matchers for Deep Packet Inspection," IEICE Commun. Lett., vol. E93-B, no. 2, Feb. 2010, pp. 396-398. https://doi.org/10.1587/transcom.E93.B.396
  8. H. Kim, H.-S. Kim, and S. Kang, "A Memory-Efficient Bit-Split Parallel String Matching Using Pattern Dividing for Intrusion Detection Systems," IEEE Trans. Parallel Distrib. Syst., vol. 22, no. 11, Nov. 2011, pp. 1904-1911. https://doi.org/10.1109/TPDS.2011.85
  9. Snort, Network Intrusion Detection System. http://www.snort.org
  10. A. Pandey et al., "Efficient Design and Implementation of DFA Based Pattern Matching on Hardware," IJCSI, vol. 9, issue 2, no. 1, Mar. 2012, pp. 286-290.

Cited by

  1. Highly Secure Mobile Devices Assisted with Trusted Cloud Computing Environments vol.37, pp.2, 2013, https://doi.org/10.4218/etrij.15.0114.0397
  2. Host-based intrusion detection system for secure human-centric computing vol.72, pp.7, 2016, https://doi.org/10.1007/s11227-015-1506-9
  3. PAC-<i>k</i>: A Parallel Aho-Corasick String Matching Approach on Graphic Processing Units Using Non-Overlapped Threads vol.eb99, pp.7, 2016, https://doi.org/10.1587/transcom.2015ebp3411
  4. Fast 2D filter with low false positive for network packet inspection vol.6, pp.6, 2013, https://doi.org/10.1049/iet-net.2017.0055
  5. Parallel multiple pattern matching schemes based on cuckoo filter for deep packet inspection on graphics processing units vol.12, pp.4, 2013, https://doi.org/10.1049/iet-ifs.2017.0421