26 April 2006 Implementation of Karp-Rabin string matching algorithm in reconfigurable hardware for network intrusion prevention system
Author Affiliations +
Proceedings Volume 6159, Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments IV; 615936 (2006) https://doi.org/10.1117/12.674873
Event: Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments IV, 2005, Wilga, Poland
Abstract
Intrusion Prevention Systems (IPSs) have become widely recognized as a powerful tool and an important element of IT security safeguards. The essential feature of network IPSs is searching through network packets and matching multiple strings, that are fingerprints of known attacks. String matching is highly resource consuming and also the most significant bottleneck of IPSs. In this article an extension of the classical Karp-Rabin algorithm and its implementation architectures were examined. The result is a software, which generates a source code of a string matching module in hardware description language, that could be easily used to create an Intrusion Prevention System implemented in reconfigurable hardware. The prepared module matches the complete set of Snort IPS signatures achieving throughput of over 2 Gbps on an Altera Stratix I1 evaluation board. The most significant advantage of the proposed architecture is that the update of the patterns database does not require reconfiguration of the circuitry.
© (2006) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Jakub Botwicz, Jakub Botwicz, Piotr Buciak, Piotr Buciak, Piotr Sapiecha, Piotr Sapiecha, } "Implementation of Karp-Rabin string matching algorithm in reconfigurable hardware for network intrusion prevention system", Proc. SPIE 6159, Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments IV, 615936 (26 April 2006); doi: 10.1117/12.674873; https://doi.org/10.1117/12.674873
PROCEEDINGS
8 PAGES


SHARE
RELATED CONTENT


Back to Top