Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
INFOCOM
2007
IEEE
2007
IEEE
TriBiCa: Trie Bitmap Content Analyzer for High-Speed Network Intrusion Detection
Abstract—Deep packet inspection (DPI) is often used in network intrusion detection and prevention systems (NIDPS), where incoming packet payloads are compared against known attack signatures. Processing every single byte in the incoming packet payload has a very stringent time constraint, e.g., 200 ps for a 40-Gbps line. Traditional DPI systems either need a large memory space or use special memory such as ternary content addressable memory (TCAM), limiting parallelism, or yielding high cost/power consumption. In this paper, we present a highspeed, single-chip DPI scheme that is scalable and configurable through memory updates. The scheme is based on a novel data structure called TriBiCa (Trie Bitmap Content Analyzer), which provides minimal perfect hashing functionality. It uses a trie structure with a hash function performed at each layer. Branching is determined by the hashing results with an objective to evenly partition attack signatures into multiple groups at each layer. Duri...
Real-time TrafficAttack Signatures | Communications | Content Addressable Memory | Incoming Packet Payload | INFOCOM 2007 |
| Added | 03 Jun 2010 |
| Updated | 03 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | INFOCOM |
| Authors | N. Sertac Artan, H. Jonathan Chao |
Comments (0)
Researcher Info
|
