Abstract | ||
---|---|---|
Middlebox services that inspect packet payloads have become commonplace. Today, anyone can sign up for cloud-based Web application firewall with a single click. These services typically look for known patterns that might appear anywhere in the payload. The key challenge is that existing solutions for pattern matching have become a bottleneck because software packet processing technologies have advanced. The popularization of cloud-based services has made the problem even more critical.This paper presents an efficient multi-pattern string matching algorithm, called DFC. DFC significantly reduces the number of memory accesses and cache misses by using small and cache-friendly data structures and avoids instruction pipeline stalls by minimizing sequential data dependency. Our evaluation shows that DFC improves performance by 2.0 to 3.6 times compared to state-of-the-art on real traffic workload obtained from a commercial network. It also outperforms other algorithms even in the worst case. When applied to middlebox applications, such as network intrusion detection, anti-virus, and Web application firewalls, DFC delivers 57-160% improvement in performance. |
Year | Venue | Field |
---|---|---|
2016 | 13TH USENIX SYMPOSIUM ON NETWORKED SYSTEMS DESIGN AND IMPLEMENTATION (NSDI '16) | String searching algorithm,Bottleneck,Middlebox,Cache,Computer science,Network packet,Computer network,Real-time computing,Application firewall,Packet processing,Cloud computing,Distributed computing |
DocType | Citations | PageRank |
Conference | 1 | 0.40 |
References | Authors | |
0 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Byungkwon Choi | 1 | 11 | 2.61 |
Jongwook Chae | 2 | 1 | 0.40 |
Muhammad Asim Jamshed | 3 | 135 | 6.57 |
KyoungSoo Park | 4 | 1198 | 73.47 |
Dongsu Han | 5 | 994 | 48.46 |