Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
AINA
2008
IEEE
2008
IEEE
Improved TCAM-Based Pre-Filtering for Network Intrusion Detection Systems
—With the increasing growth of the Internet, the explosion of attacks and viruses significantly affects the network security. Network Intrusion Detection System (NIDS) is developed to identify these network attacks by a set of rules. However, searching for multiple patterns is a computationally expensive task in NIDS. Traditional software-based solutions can not meet the high bandwidth demanded in current high-speed networks. In the past, the pre-filtering designed for NIDS is an effective technique that can reduce the processing overhead significantly. A FNPlike TCAM searching engine (FTSE) [5][6] is an example that uses an 2-stage architecture to detect whether an incoming string contains patterns. In this paper, we propose two techniques to improve the performance of FTSE that utilizes ternary content addressable memory (TCAM) as pre-filter to achieve gigabit performance. The first technique performs the w-byte suffix pattern match instead of using w-byte prefix. The second techni...
Real-time TrafficAINA 2008 | Computer Networks | Network Intrusion Detection System | TCAM Searching Engine | Traditional Software-based Solutions |
Related Content
| Added | 28 May 2010 |
| Updated | 28 May 2010 |
| Type | Conference |
| Year | 2008 |
| Where | AINA |
| Authors | Yeim-Kuan Chang, Ming-Li Tsai, Cheng-Chien Su |
Comments (0)
Researcher Info
|
