摘要
随着网络带宽超越摩尔定律的高速增长,基于通用处理器的软件算法无法满足高速网络的性能要求,设计利用专用硬件结构才能更大限度地提高性能,但硬件结构的使用不像软件算法只需调用函数接口那样简单。针对网络安全系统的性能瓶颈问题,设计实现了一个基于主从协同处理模型的内容安全硬件加速卡,该加速卡通过标准总线协议与主机通信,采用可编程逻辑器件实现特征匹配结构。该模型可减少网络安全系统使用硬件结构时的系统修改,并使两者协同工作,提高数据交换效率,优化系统整体性能。
With the rapid development of network speed exceeding Moore Law,the performance of software algorithms based on universal processor cannot match the need of high network speed.A special hardware architecture can improve the performance more efficiently while it is not as simply utilized as software application programming interface.For the performance bottleneck in network security system,a master-slave co-processing model for hardware pattern matching architecture is proposed.Based on the model,a content-based pattern matching accelerator card is designed and realized.The pattern match hardware architecture is implemented in the accelerator card on FPGA,working with PC server through standard bus protocol.The model reduces software development work when using the hardware card replacing software lib,and improves the data exchanging efficiency and the system performance through network security system.
出处
《北京信息科技大学学报(自然科学版)》
2012年第6期34-41,共8页
Journal of Beijing Information Science and Technology University
基金
北京市教育委员会科技计划面上项目(KM201110772014)
北京信息科技大学网络文化与数字传播北京市重点实验室开放课题.核高基重大专项网络集成办公软件研发及产业化(2010ZX01044-001-001)
关键词
主从协同处理
特征匹配
深包检测
内容安全
master-slave co-processing
pattern matching
deep packet inspection
content security
