Highly Efficient String Matching Circuit for IDS with FPGA

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Toshihiro Katashita Articles by Atusi Maeda Articles by Kenji Toda Articles by Yoshinori Yamaguchi

14th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM'06)

Napa, California

April 24-April 26

ISBN: 0-7695-2661-6

	ASCII Text	x
	Toshihiro Katashita, Atusi Maeda, Kenji Toda, Yoshinori Yamaguchi, "Highly Efficient String Matching Circuit for IDS with FPGA," Field-Programmable Custom Computing Machines, Annual IEEE Symposium on, pp. 285-286, 14th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM'06), 2006.

	BibTex	x
	@article{ 10.1109/FCCM.2006.51, author = {Toshihiro Katashita and Atusi Maeda and Kenji Toda and Yoshinori Yamaguchi}, title = {Highly Efficient String Matching Circuit for IDS with FPGA}, journal ={Field-Programmable Custom Computing Machines, Annual IEEE Symposium on}, volume = {0}, year = {2006}, isbn = {0-7695-2661-6}, pages = {285-286}, doi = {http://doi.ieeecomputersociety.org/10.1109/FCCM.2006.51}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Field-Programmable Custom Computing Machines, Annual IEEE Symposium on TI - Highly Efficient String Matching Circuit for IDS with FPGA SN - 0-7695-2661-6 SP285 EP286 A1 - Toshihiro Katashita, A1 - Atusi Maeda, A1 - Kenji Toda, A1 - Yoshinori Yamaguchi, PY - 2006 KW - null VL - 0 JA - Field-Programmable Custom Computing Machines, Annual IEEE Symposium on ER -

Toshihiro Katashita, National Institute of Advanced Industrial Science and Technology, Japan

Atusi Maeda, University of Tsukuba

Kenji Toda, National Institute of Advanced Industrial Science and Technology

Yoshinori Yamaguchi, University of Tsukuba

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/FCCM.2006.51

String matching circuits have been studied extensively for Intrusion Detection Systems so far. An NFA-based string matching circuit, one of the works, has expandability of processing data width. However the resource requirement increases markedly, it was difficult to implement an NFAbased string matching circuit with whole the Snort 2.3.3 rule (35461 characters) that processes at 10 Gbps on a single FPGA. In this paper, we propose a highly efficient string matching circuit for FPGA. In our circuit, redundant ANDgates and states in the NFA are eliminated to reduce the resource requirement. Consequently, our circuit is reduced in the resources requirement by over 50% as compared with a previous NFA-based circuit, and the synthesis result shows that a string matching circuit that includes the whole Snort 2.3.3 rule can be implemented onto a single xc2vp-100-6 FPGA with throughput over 10 Gbps.

Citation:

Toshihiro Katashita, Atusi Maeda, Kenji Toda, Yoshinori Yamaguchi, "Highly Efficient String Matching Circuit for IDS with FPGA," fccm, pp.285-286, 14th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.