Abstract | ||
---|---|---|
At the heart of almost every modern Network Intrusion Detection System (NIDS), there is a pattern matching engine (PME). As pattern matching is the most time consuming operation in NIDS, it is highly desired to reduce the pattern matching time of each packet or flow. This paper proposed a parallel pattern matching algorithm based on Aho-Corasick (AC) algorithm and an efficient load balance policy for it. The method is implemented on Intel's IXP2850 Network Processor (NP). Experimental results show that when using eight processors, the pattern matching time of each packet or flow can decrease to 60.44%similar to 14.42%. Based on the parallel algorithm, a PME utilizing parallel processing on three levels is proposed. Experimental results on IXP2850 show that the throughput speedup of pattern matching is 13.34 similar to 55.48 times. |
Year | DOI | Venue |
---|---|---|
2005 | null | SAM '05: Proceedings of the 2005 International Conference on Security and Management |
Keywords | Field | DocType |
NIDS,pattern matching,parallel processing,network processor | String searching algorithm,Network processor,Parallel algorithm,Computer science,Load balancing (computing),Network packet,Parallel computing,Throughput,Pattern matching,Speedup | Conference |
Volume | Issue | ISSN |
null | null | null |
Citations | PageRank | References |
2 | 0.40 | 4 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jianming Yu | 1 | 66 | 9.02 |
Jun Li | 2 | 338 | 38.15 |