Constraint Repetition Inspection for Regular Expression on FPGA

H
HOTI
2008
2008 16th IEEE Symposium on High Performance Interconnects
Abstract - Constraint Repetition Inspection for Regular Expression on FPGA

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Miad Faezipour Articles by Mehrdad Nourani

2008 16th IEEE Symposium on High Performance Interconnects

August 26-August 28

ISBN: 978-0-7695-3380-3

	ASCII Text	x
	Miad Faezipour, Mehrdad Nourani, "Constraint Repetition Inspection for Regular Expression on FPGA," High-Performance Interconnects, Symposium on, pp. 111-118, 2008 16th IEEE Symposium on High Performance Interconnects, 2008.

	BibTex	x
	@article{ 10.1109/HOTI.2008.14, author = {Miad Faezipour and Mehrdad Nourani}, title = {Constraint Repetition Inspection for Regular Expression on FPGA}, journal ={High-Performance Interconnects, Symposium on}, volume = {0}, year = {2008}, issn = {1550-4794}, pages = {111-118}, doi = {http://doi.ieeecomputersociety.org/10.1109/HOTI.2008.14}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - High-Performance Interconnects, Symposium on TI - Constraint Repetition Inspection for Regular Expression on FPGA SN - 1550-4794 SP111 EP118 A1 - Miad Faezipour, A1 - Mehrdad Nourani, PY - 2008 KW - Network Intrusion Detection System KW - Non-deterministic Finite Automata KW - Regular Expression KW - Constraint Repetition Inspection VL - 0 JA - High-Performance Interconnects, Symposium on ER -

Miad Faezipour

Mehrdad Nourani

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HOTI.2008.14

Recent network intrusion detection systems (NIDS) use regular expressions to represent suspicious or malicious character sequences in packet payloads in a more efficient way. This paper introduces a new basic building block based on Non-deterministic Finite Automata (NFA) hardware implementation to support complex constraint repetitions in regular expressions. This block is a customized counter capable of handling any type of constraint repetition, applicable to any sub-regular expression. We also introduce optimization techniques to reduce the area and improve the overall performance. We have implemented SNORT IDS regular expressions in hardware by taking advantage of the basic NFA building blocks, our proposed counting block and our proposed optimization techniques. We report experimental results for our architecture that verify area saving and performance improvement.

Index Terms:

Network Intrusion Detection System, Non-deterministic Finite Automata, Regular Expression, Constraint Repetition Inspection

Citation:

Miad Faezipour, Mehrdad Nourani, "Constraint Repetition Inspection for Regular Expression on FPGA," hoti, pp.111-118, 2008 16th IEEE Symposium on High Performance Interconnects, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.