Presentation is loading. Please wait.

Presentation is loading. Please wait.

Optimization of Regular Expression Pattern Matching Circuits on FPGA Authors: Cheng-Hung Lin, Chih-Tsun Huang, Chang-Ping Jiang, and Shih-Chieh Chang Publisher:

Published byErnest McKenzie Modified over 8 years ago

Similar presentations

Presentation on theme: "Optimization of Regular Expression Pattern Matching Circuits on FPGA Authors: Cheng-Hung Lin, Chih-Tsun Huang, Chang-Ping Jiang, and Shih-Chieh Chang Publisher:"— Presentation transcript:

1 Optimization of Regular Expression Pattern Matching Circuits on FPGA Authors: Cheng-Hung Lin, Chih-Tsun Huang, Chang-Ping Jiang, and Shih-Chieh Chang Publisher: IEEE VLSI, 2007 Present: Pei-Hua Huang Date: 2014/02/19

2 Introduction Regular expressions are widely used in the network intrusion detection system (NIDS) to represent attack patterns Due to the rapid increase of network attacks and data traffic, traditional software-only NIDS may be too slow for networking needs many studies [1][2][3][4][5] proposed hardware architectures for accelerating attack detection the main challenges of hardware implementation is to accommodate the large number regular expressions to FPGAs 1

3 Introduction 2

4 3

5 Regular expressions for attacks’ description In Snort, two types of regular expression are used to describe attack patterns The first type defines exact string patterns such as "Ahhhh My Mouth Is Open.” The second type consists of meta-characters (^, $, |, *, ?) ex. “^GET[^s]{432}” 4

6 Minimization of regular expression circuits Given m regular expressions, R 1,R 2,…, R m, and assuming that all of them have the infix common sub-pattern, R c, the m regular expressions can be represented as R 1pre R c R 1post, R 2pre R c R 2post,…, and R mpre R c R mpost two additional circuit blocks are inserted The switch module is used to memorize where the trigger signal comes from DeMux (De-Multiplexer) to guide the output of R c to the correct postfix circuit 5

7 Minimization of regular expression circuits 6

8 The new architecture has two constraints Constraint 1: For the m regular expressions in Figure 4, {R 1pre R c R 1post, R 2pre R c R 2post, …, R mpre R c R mpost }, the prefix R jpre cannot be null for j ∈ 1...m 7 Pattern1: abcdefgh Pattern2: defpq

9 Constraint 2: For the m regular expressions in Figure 4, {R 1pre R c R 1post, R 2pre R c R 2post, …, R mpre R c R mpost }, the R c cannot be shared if R jpre ⊂ R kpre R c, ∀ k ≠ j, k, j ∈ 1…m 8 Pattern1: abcdefgh Pattern2: dedefpq

10 Regular expression module generator The sharing gain of a common sub-pattern is defined to be the number of characters in the sub-pattern multiplies by the number of regular expressions having the sub-pattern For example, three regular expressions, “1Common1”, “2Common2”, and “3Common3” have the common sub- pattern “Common.” The sharing gain of the common sub- pattern is 18=6*3 9

11 10

12 Basic components of NFA approach 11

13 Basic components of NFA approach 12

14 Experimental results the regular expression patterns from Snort and Trend Micro all circuits being synthesized by Xilinx ISE7.1i, where the target FPGA is Xilinx Virtex XCV2000E consisting of 19,200 slices 13

15 14

Download ppt "Optimization of Regular Expression Pattern Matching Circuits on FPGA Authors: Cheng-Hung Lin, Chih-Tsun Huang, Chang-Ping Jiang, and Shih-Chieh Chang Publisher:"

Similar presentations

Deep Packet Inspection: Where are We? CCW08 Michela Becchi.

Deep Packet Inspection: Where are We? CCW08 Michela Becchi.
OBJECTIVES Learn the history of HDL Development. Learn how the HDL module is structured. Learn the use of operators in HDL module. Learn the different.

OBJECTIVES Learn the history of HDL Development. Learn how the HDL module is structured. Learn the use of operators in HDL module. Learn the different.
Architecture-Specific Packing for Virtex-5 FPGAs

Architecture-Specific Packing for Virtex-5 FPGAs
Massively Parallel Cuckoo Pattern Matching Applied For NIDS/NIPS  Author: Tran Ngoc Thinh, Surin Kittitornkun  Publisher: Electronic Design, Test and.

Massively Parallel Cuckoo Pattern Matching Applied For NIDS/NIPS  Author: Tran Ngoc Thinh, Surin Kittitornkun  Publisher: Electronic Design, Test and.
Prefix, Postfix, Infix Notation

Prefix, Postfix, Infix Notation
Authors: Raphael Polig, Kubilay Atasu, and Christoph Hagleitner Publisher: FPL, 2013 Presenter: Chia-Yi, Chu Date: 2013/10/30 1.

Authors: Raphael Polig, Kubilay Atasu, and Christoph Hagleitner Publisher: FPL, 2013 Presenter: Chia-Yi, Chu Date: 2013/10/30 1.
Multithreaded FPGA Acceleration of DNA Sequence Mapping Edward Fernandez, Walid Najjar, Stefano Lonardi, Jason Villarreal UC Riverside, Department of Computer.

Multithreaded FPGA Acceleration of DNA Sequence Mapping Edward Fernandez, Walid Najjar, Stefano Lonardi, Jason Villarreal UC Riverside, Department of Computer.
XFA : Faster Signature Matching With Extended Automata Author: Randy Smith, Cristian Estan and Somesh Jha Publisher: IEEE Symposium on Security and Privacy.

XFA : Faster Signature Matching With Extended Automata Author: Randy Smith, Cristian Estan and Somesh Jha Publisher: IEEE Symposium on Security and Privacy.
Pipelined Parallel AC-based Approach for Multi-String Matching Department of Computer Science and Information Engineering National Cheng Kung University,

Pipelined Parallel AC-based Approach for Multi-String Matching Department of Computer Science and Information Engineering National Cheng Kung University,
1 Author: Ioannis Sourdis, Sri Harsha Katamaneni Publisher: IEEE ASAP,2011 Presenter: Jia-Wei Yo Date: 2011/11/16 Longest prefix Match and Updates in Range.

1 Author: Ioannis Sourdis, Sri Harsha Katamaneni Publisher: IEEE ASAP,2011 Presenter: Jia-Wei Yo Date: 2011/11/16 Longest prefix Match and Updates in Range.
Moving NN Triggers to Level-1 at LHC Rates Triggering Problem in HEP Adopted neural solutions Specifications for Level 1 Triggering Hardware Implementation.

Moving NN Triggers to Level-1 at LHC Rates Triggering Problem in HEP Adopted neural solutions Specifications for Level 1 Triggering Hardware Implementation.
1 The scanning process Goal: automate the process Idea: –Start with an RE –Build a DFA How? –We can build a non-deterministic finite automaton (Thompson's.

1 The scanning process Goal: automate the process Idea: –Start with an RE –Build a DFA How? –We can build a non-deterministic finite automaton (Thompson's.
1 ReCPU:a Parallel and Pipelined Architecture for Regular Expression Matching Department of Computer Science and Information Engineering National Cheng.

1 ReCPU:a Parallel and Pipelined Architecture for Regular Expression Matching Department of Computer Science and Information Engineering National Cheng.
11 FPGA based High speed and low area cost pattern matching Authors: Jian Huang, Zongkai Yang, Xu Du, and Wei Liu Publisher: Proceedings of IEEE Symposium.

11 FPGA based High speed and low area cost pattern matching Authors: Jian Huang, Zongkai Yang, Xu Du, and Wei Liu Publisher: Proceedings of IEEE Symposium.
1 FPGA-based ROM-free network intrusion detection using shift-OR circuit Department of Computer Science and Information Engineering National Cheng Kung.

1 FPGA-based ROM-free network intrusion detection using shift-OR circuit Department of Computer Science and Information Engineering National Cheng Kung.
Improved TCAM-based Pre-Filtering for Network Intrusion Detection Systems Department of Computer Science and Information Engineering National Cheng Kung.

Improved TCAM-based Pre-Filtering for Network Intrusion Detection Systems Department of Computer Science and Information Engineering National Cheng Kung.
1 Multi-Core Architecture on FPGA for Large Dictionary String Matching Department of Computer Science and Information Engineering National Cheng Kung University,

1 Multi-Core Architecture on FPGA for Large Dictionary String Matching Department of Computer Science and Information Engineering National Cheng Kung University,
1 Regular expression matching with input compression : a hardware design for use within network intrusion detection systems Department of Computer Science.

1 Regular expression matching with input compression : a hardware design for use within network intrusion detection systems Department of Computer Science.
1 Scalable Pattern Matching for High Speed Networks Authors: Christopher R.Clark and David E. Schemmel Publisher: Proceedings of IEEE Symposium on Field-

1 Scalable Pattern Matching for High Speed Networks Authors: Christopher R.Clark and David E. Schemmel Publisher: Proceedings of IEEE Symposium on Field-
Build-In Self-Test of FPGA Interconnect Delay Faults Laboratory for Reliable Computing (LaRC) Electrical Engineering Department National Tsing Hua University.

Build-In Self-Test of FPGA Interconnect Delay Faults Laboratory for Reliable Computing (LaRC) Electrical Engineering Department National Tsing Hua University.

Similar presentations

Ads by Google