Modified Data Structure of Aho-Corasick Project ECE-526 Spring 2006 Benfano Soewito, Ed Flanigan and John Pangrazio Southern Illinois University Carbondale.


Introduction: The Aho-Corasick algorithm is used to implement rule checking for Snort-type intrusion detection systems (IDS). IDS sensors are currently placed on hosts and end nodes. Damage can be prevented sooner if they are placed at the core of the network.

Previous work: A pattern-matching machine for the set of keywords {he, she, his, hers}. Each state has 256 next-state pointers, which use a large amount of memory.

Aho-Corasick: Multi-pattern string matching in time linear in the size of the input. How it works: Construct the state machine. The state machine starts in the empty root node. Each pattern is added to the state machine. Failure pointers are added from each node to the node for the longest prefix of a pattern that is also a suffix of the string leading to that node.

Boyer-Moore: The idea is to reduce the large number of comparisons against the string. Slide example: a b b a d a b a c b a b a b a c. This is a good algorithm for a single pattern. We need a fast multi-string algorithm because the speed of network traffic and the size of the rule database are growing significantly.

Methodology: Goal in this project: modify the Aho-Corasick algorithm to use less space in memory. Method: use a single pointer instead of 256 pointers, and use a 256-bit bitmap.

Methodology (continued): [Diagram: Bitmap Data Structure]
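The bitmap node described in the methodology, as an added example that is not taken from the slides: each state keeps a 256-bit bitmap and one pointer to its first child, and the next state is found by counting the set bits below the input byte. The `Node` layout, the function names and `MAXN` are assumptions, and `__builtin_popcountll` is the GCC/Clang builtin.

```c
#include <stdint.h>
#define MAXN 32  /* state limit (assumed); caller keeps total keyword length below it */
/* Compressed node: 256-bit bitmap (bit c set => edge on byte c), one pointer
   to the first child, failure link, and number of keywords ending here. */
typedef struct { uint64_t bits[4]; int first, fail, out; } Node;
static Node nodes[MAXN];
static int trie[MAXN][256], tfail[MAXN], tout[MAXN], id[MAXN], order[MAXN];

/* Next state on byte c, or -1: offset from `first` = set bits below bit c. */
static int child(int n, unsigned c) {
    const Node *p = &nodes[n];
    if (!((p->bits[c >> 6] >> (c & 63)) & 1)) return -1;
    int r = __builtin_popcountll(p->bits[c >> 6] & ((1ULL << (c & 63)) - 1));
    for (unsigned w = 0; w < (c >> 6); w++) r += __builtin_popcountll(p->bits[w]);
    return p->first + r;
}
/* Plain 256-pointer trie first, then breadth-first renumbering so siblings are
   adjacent. Call once (relies on zeroed statics); returns the state count. */
static int build(const char **pats, int np) {
    int ntrie = 1, head = 0, tail = 1;
    for (int i = 0, s = 0; i < np; i++, s = 0) {
        for (const unsigned char *p = (const unsigned char *)pats[i]; *p; p++)
            s = trie[s][*p] ? trie[s][*p] : (trie[s][*p] = ntrie++);
        tout[s]++;
    }
    for (; head < tail; head++) {          /* order[0] = id[0] = 0 is the root */
        int u = order[head];               /* u's new index is head */
        nodes[head].first = tail;
        for (int c = 0; c < 256; c++) {
            int v = trie[u][c], f = tfail[u];
            if (!v) continue;
            while (f && !trie[f][c]) f = tfail[f];
            tfail[v] = u ? trie[f][c] : 0; /* 0 doubles as "no edge" and root */
            nodes[tail].fail = id[tfail[v]];
            nodes[tail].out = tout[v] += tout[tfail[v]];
            nodes[head].bits[c >> 6] |= 1ULL << (c & 63);
            id[v] = tail; order[tail++] = v;
        }
    }
    return tail;
}
/* Count keyword occurrences in text using only the compressed nodes. */
static int search(const char *text) {
    int s = 0, hits = 0, n;
    for (const unsigned char *p = (const unsigned char *)text; *p; p++) {
        while ((n = child(s, *p)) < 0 && s) s = nodes[s].fail;
        hits += nodes[s = n < 0 ? 0 : n].out;
    }
    return hits;
}
```

For the slide's keyword set {he, she, his, hers} this builds 10 states, and scanning "ushers" reports three matches (she, he, hers).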

Expected result: Use of a memory-efficient algorithm will allow implementation of Snort rules in a memory of 1.5Mb instead of 60Mb. This allows the rules to be stored in SRAM on a router/switch instead of on an independent host. It uses fewer memory lookups and a faster search method.

References:
A. V. Aho and M. J. Corasick. Efficient string matching: An aid to bibliographic search. Communications of the ACM, 18(6):333–340.
G. Varghese, T. Sherwood, N. Tuck and Brad Calder. Deterministic Memory-Efficient String Matching Algorithms for Intrusion Detection.
R. S. Boyer and J. S. Moore. A fast string searching algorithm.