The Community for Technology Leaders
RSS Icon
Issue No.05 - September/October (2009 vol.29)
pp: 56-65
Ying-Dar Lin , National Chiao Tung University
Po-Ching Lin , National Chung Cheng University
Yuan-Cheng Lai , National Taiwan University of Science and Technology
Tai-Ying Liu , Avermedia
<p>High-speed network content security applications often offload signature matching to hardware. In such systems, the throughput of the overall system, rather than the hardware engine alone, is significant. The authors offload virus scanning in the ClamAV antivirus package to the BFAST* hardware engine. They find that the data-passing processes significantly degrade system throughput.</p>
string matching, hardware-software codesign, deep packet inspection
Ying-Dar Lin, Po-Ching Lin, Yuan-Cheng Lai, Tai-Ying Liu, "Hardware-Software Codesign for High-Speed Signature-based Virus Scanning", IEEE Micro, vol.29, no. 5, pp. 56-65, September/October 2009, doi:10.1109/MM.2009.81
1. P.-C. Lin et al., "Using String Matching for Deep Packet Inspection," Computer, vol. 41, no. 4, Apr. 2008, pp. 23-28.
2. M. Aldwairi, T. Conte, and P. Franzon, "Configurable String Matching Hardware for Speeding Up Intrusion Detection," ACM SIGARCH Computer Architecture News, vol. 33, no. 1, 2005, pp. 99-107.
3. Z.K. Baker and V.K. Prasanna, "A Methodology for Synthesis of Efficient Intrusion Detection Systems on FPGAs," Proc. 12th Ann. IEEE Symp. Field-Programmable Custom Computing Machines (FCCM 04), IEEE CS Press, 2004, pp.135-144.
4. L. Tan, B. Brotherton, and T. Sherwood, "Bit-Split String-Matching Engines for Intrusion Detection and Prevention," ACM Trans. Architecture and Code Optimization, vol. 3, no. 1, Mar. 2006, pp. 3-34.
5. S. Dharmapurikar, M. Attig, and J. Lockwood, "Deep Packet Inspection Using Parallel Bloom Filters," IEEE Micro, vol. 24, no. 1, Jan./Feb. 2004, pp. 52-61.
6. N. Tuck et al., "Deterministic Memory-Efficient String Matching Algorithms for Intrusion Detection," Proc. IEEE Infocom Conf., IEEE Press, 2004, pp. 2628- 2639.
7. T. Liu et al., "The Design and Implementation of Zero-Copy for Linux," Proc. 8th Int'l Conf. Intelligent Systems Design and Application (ISDA 08), IEEE CS Press, 2008, pp. 121-126.
8. P. Halvorsen et al., "Performance Tradeoffs for Static Allocation of Zero-Copy Buffers," Proc. Euromicro Conf. (EuroMicro 02), IEEE CS Press, 2002, pp. 138-143.
9. M. Handley, C. Kreibich, and V. Paxson, "Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics," Proc. Usenix Security Symp., Usenix Assoc., 2001, pp. 115-131.
6 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool