期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于Bloom filter的多模式匹配引擎 被引量:8

Multi-Pattern Matching Engine Based on Bloom Filter
下载PDF
导出
摘要 基于Bloom filter,结合位拆分状态机设计了一种适合硬件实现的多模式匹配引擎,由bloom filter过滤出可疑字符,位拆分状态机进行精确匹配.提出了过滤引擎和精确匹配引擎的流水线连接结构,通过增加分配器、缓存等硬件单元解决两引擎处理速度不匹配的问题,利用引擎的并行处理达到较高的吞吐性能.还通过设定规则长度等简化设计使引擎在保持高吞吐量的同时减小资源占用量,提高了可扩展性. By using Bloom filter, a multi-pattern matching engine suitable for hardware implementation was designed. The suspicious strings are picked up by the Bloom filter engine, and then sent to a bit-split state machine for verification. As a solution for speed-mismatching, a pipeline structure was purposed, which enabled the filter engine and the state machine to process sWings in parallel to achieve a higher throughput. In addition, by using some optimal methods such as threshold for rules, the resource consumption is reduced and the scalability is improved while preserving the desired speed of original scheme.
作者 刘威 郭渊博 黄鹏
机构地区 解放军信息工程大学电子技术学院
出处 《电子学报》 EI CAS CSCD 北大核心 2010年第5期1095-1099,共5页 Acta Electronica Sinica
基金 国家863高科技研究发展计划(No.2007AA01Z405) 河南省科技创新人才计划(杰出青年)基金
关键词 BLOOM FILTER 位拆分状态机 流水线结构 bloom filter bit-split state machine pipeline structure
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献9

  • 1牟永敏,李美贵,梁琦.入侵检测系统中模式匹配算法的研究[J].电子学报,2006,34(B12):2488-2490. 被引量:20
  • 2Sarang Dharpmapurikar, John W Lockwood. Fast and scalable pattem matching for network intrusion detection systems [ J ]. IEEE on selected areas in communications,2006,24(10) : 1781 - 1792.
  • 3李伟男,鄂跃鹏,葛敬国,钱华林.多模式匹配算法及硬件实现[J].软件学报,2006,17(12):2403-2415. 被引量:42
  • 4Jung-sik Sung, Eok-Min Kang. A muiti-gigabit rate deep packet inspection algorithm using TCAM[ A]. Global Telecommunications Conference 2005 [ C]. St. Louis: IEEE, 2006. 234 - 239.
  • 5Sarang Dharpmapudkar, P Krishnamurthy, T Sproull, J W Lockwood. Deep packet inspection using parallel bloom filters[J].Micro, IEEE, 2004,24(1) :52 - 61.
  • 6叶明江,崔勇,徐恪,吴建平.基于有状态Bloom filter引擎的高速分组检测[J].软件学报,2007,18(1):117-126. 被引量:13
  • 7M V Ramakfishna, E Fu,E Bahcekapili. A performace study of hash fuctions for hardware applications[ A]. Proc. ICC'94[C]. New Orlean: 1F.EE, 1994. 1621 - 1636.
  • 8M Nourani, P Katta. Bloom filter accelerator for string matching[A]. ICCCN2007[C]. Hawaii: IEEE,2007. 185 - 190.
  • 9Lin Tan, Timothy Sherwood. A high throughput string matching architecture for intrusion detection and prevention[A]. 32st International Symposium on Computer Architecture [ C ]. Washington: IEEE Computer Society, 2005.112 - 122.

二级参考文献24

  • 1伊静,刘培玉.入侵检测中模式匹配算法的研究[J].计算机应用与软件,2005,22(1):112-114. 被引量:14
  • 2苏璞睿,冯登国.基于进程行为的异常检测模型[J].电子学报,2006,34(10):1809-1811. 被引量:17
  • 3Moore D,Paxson V,Savage S,Shannon C,Staniford S,Weaver N.Inside the slammer worm.IEEE Security and Privacy,2003,1(4):33-39.
  • 4Moore D,Shannon C.Code-Red:A case study on the spread and victims of an Internet worm.In:Proc.of the 2002 ACM SICGOMM Internet Measurement Workshop.Marseille,2002.273-284.http://portal.acm.org/citation.cfm?id=637244&dl= ACM&coll=&CFID=15151515&CFTOKEN=6184618
  • 5Kim HA,Karp B.Autograph:Toward automatic distributed worm signature detection.In:Proc.of the USENIX Security Symp.Diego,2004.271-286.http://www.usenix.org/events/sec04/tech/full_papers/kim/kim.pdf
  • 6Singh S,EstanC,Varghese G,Savage S.Automated worm fingerprinting.In:Proc.of the 6th ACM/USENIX Symp.on Operating System Design and Implementation (OSDI).San Francisco,2004.45-60.http://www.usenix.org/events/osdi04/tech/full_papers/ singh/singh.pdf
  • 7Axelsson.Intrusion detection systems:A survey and taxonomy.Technical Report,99-15,Chalmers University,2000.
  • 8Bloom B.Space/Time trade-offs in Hash coding with allowable errors.Communications of the ACM,1970,13(7):422-426.
  • 9Dharmapurikar S,Krishnamurthy P,Sproull T,Lockwood J.Deep packet inspection using parallel Bloom filters.In:Proc.of the Symp.on High Performance Interconnects (HotI).Stanford,2003.44-51.http://www.hoti.org/archive/Hoti11_program/papers/ hoti11_07_dharmapurikar_s.pdf
  • 10Dharmapurikar S,Attig M,Lockwood J.Design and implementation of a string matching system for network intrusion detection using FPGA-based Bloom filters.Technical Report,WUCSE-2004-12,St.Louis:Washington University,2004.

共引文献71

同被引文献74

  • 1李伟男,鄂跃鹏,葛敬国,钱华林.多模式匹配算法及硬件实现[J].软件学报,2006,17(12):2403-2415. 被引量:42
  • 2叶明江,崔勇,徐恪,吴建平.基于有状态Bloom filter引擎的高速分组检测[J].软件学报,2007,18(1):117-126. 被引量:13
  • 3A. Broder, M. Mitzenmaeher. Network applications of bloom filters: A survey [J]. Internet Mathematics, 2005,1(4) :485-509.
  • 4M. Mitzenmacher. Compressed Bloom Filters [J]. IEEE/ ACM Transactions on Networking, 2002,10 (5) : 604-612.
  • 5Liu Rong-tai,Huang Nen-fu,Chen Chih-hao,et al.A fast stringmatching algorithm for network processor-based intrusion detection system[J].ACM Trans on Embedded Computing Systems,2004,3 (3):614-633.
  • 6Cho Y,Mangione-Smith W.Fast reconfiguring deep packet filter for 1 + gigabit network[C] // Proc.of IEEE FCCM ' 05.Washington,DC:IEEE Computer Society,2005:215-224.
  • 7Sourdis I,Pnevmatikatos D.Pre-decoded CAMs for efficient and high-speed NIDS pattern matching[C] //Proc.of IEEE FCCM'04.Washington,DC:IEEE Computer Society,2004:258-267.
  • 8Sourdis I,Pnevmatikatos D.Fast,large-scale string match for a 10Gbps FPGA-based network intrusion detection system[C] //Proc.of FPL'03.LNCS 2778.Berlin:Springer,2003:880-889.
  • 9Cho Y,Mangione-Smith W.Deep packet filter with dedicated logic and read only memories[C] // Proc.of IEEE FCCM'04.Washington.IC:IEEE Computer Society,2004:125-134.
  • 10Clark C,Schimmel D.Efficient reconfigurable logic circuits for matching complex network intrusion detection patterns[C] //Proc.of FPL'03.LNCS 2778,Berlin:Springer,2003:956-959.

引证文献8

二级引证文献18

电子学报
2010年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部