Skip to main content
SpringerLink
Log in

Centralized Parallel Form of Pattern Matching Algorithm in Packet Inspection by Efficient Utilization of Secondary Memory in Network Processor

  • Conference paper
Global Trends in Computing and Communication Systems (ObCom 2011)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 269))

Included in the following conference series:

  • 1988 Accesses

Abstract

The Network detection engine have capable of inspecting the packet and find out increasing number of network worms and virus . The high level of network providing packet inspection in detection system and the network equipments applies the predefined pattern to identify and manage the monitor packet over the network. Therefore consequently the emerging high level network equipments need to contribute pattern matching and packet inspection. However, searching for patterns at multiple offsets in entire content of network packet requires more processing power than most general purpose processor can provide. We present a novel architecture for programmable centralized parallel pattern matching algorithm for efficient packet inspection with network processor . We mapped our centralized multi parallel pattern matching algorithm [CNMPPMA] for filter packet in parallel. The simulation result reveals that CNMPPMA significantly improves the matching performance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Snort (2008), http://www.snort.org

  2. Antonatos, S., Anagnostakis, K.G., Markatos, E.P.: Generating Realistic Workloads for Network Intrusion Detection Systems. In: Proc. Fourth Int’l ACM Workshop Software and Performance, WOSP (2004)

    Google Scholar 

  3. Horspool, R.N.: Practical Fast Searching in Strings. Software Practice and Experience 10(6), 501–506 (1980)

    Article  Google Scholar 

  4. Aho, A.V., Corasick, M.J.: Efficient String Matching: An Aid to Bibliographic Search. Comm. ACM 18(6), 330–340 (1975)

    Article  MathSciNet  Google Scholar 

  5. Fisk, M., Varghese, G.: Fast Content-Based Packet Handling for Intrusion Detection, UCSD Technical Report CS2001-0670 (May 2001)

    Google Scholar 

  6. Erdogan, O., Cao, P.: Hash-AV: Fast Virus Signature Scanning by Cache-Resident Filters. In: Proc. IEEE Global Telecomm. Conf. (GLOBECOM 2005) (November 2005)

    Google Scholar 

  7. Lakshmanamurthy, S., Liu, K.-Y., Pun, Y., Huston, L., Naik, U.: Network Processor Performance Analysis Methodology. Intel. Technology J. 6 (August 2002)

    Google Scholar 

  8. Tuck, N., Sherwood, T., Calder, B., Varghese, G.: Deterministic Memory-Efficient String Matching Algorithms for Intrusion Detection. In: Proc. IEEE INFOCOM (March 2004)

    Google Scholar 

  9. Sheu, T.-F., Huang, N.-F., Lee, H.-P.: A Novel Hierarchical Matching Algorithm for Intrusion Detection Systems. In: Proc. IEEE Global Telecomm. Conf, GLOBECOM 2005 (November 2005)

    Google Scholar 

  10. Wu, S., Manber, U.: A Fast Algorithm for Multi-Pattern Searching, Technical Report TR94-17, Dept. Computer Science, Univ. of Arizona (May 1994)

    Google Scholar 

  11. Markatos, E., Antonatos, S., Polychronakis, M., Anagnostakis, K.: Exclusion-Based Signature Matching for Intrusion Detection. In: Proc. IASTED Int’l Conf. Comm. and Computer Networks, CCN 2002 (October 2002)

    Google Scholar 

  12. Liu, R.-T., Huang, N.-F., Chen, C.-H., Kao, C.-N.: A Fast String Matching Algorithm for Network Processor-Based Intrusion Detection System. ACM Trans. Embedded Computing Systems 3(3) (August 2004)

    Google Scholar 

  13. Boyer, R.S., Moor, J.S.: A Fast String Searching Algorithm. Comm. ACM 20(10), 762–772 (1977)

    Article  MATH  Google Scholar 

  14. Sheu, T.-F., Huang, N.-F., Lee, H.-P.: A Time- and Memory-Efficient String Matching Algorithm for Intrusion Detection Systems. In: Proc. IEEE Global Telecomm. Conf. (GLOBECOM 2006) (November 2006)

    Google Scholar 

  15. Coit, C.J., Staniford, S., McAlerney, J.: Towards Faster StringMatching for Intrusion Detection or Exceeding the Speed of Snort. In: Proc. Second DARPA Information Survivability Conf. and Exposition (DISCEX) (2001)

    Google Scholar 

  16. Antonatos, S., Polychronakis, M., Akritidis, P., Anagnostakis, K.G., Markatos, E.P.: Piranha: Fast and Memory-Efficient Pattern Matching for Intrusion Detection. In: Proc. 20th IFIP Int’l Information Security Conf. (SEC 2005) (May 2005)

    Google Scholar 

  17. Li, S., Torresen, J., Soraasen, O.: Exploiting Reconfigurable Hardware for Network Security. In: Proc. 11th Ann. IEEE Symp. Field-Programmable Custom Computing Machines (FCCM) (2003)

    Google Scholar 

  18. Kim, S., Kim, Y.: A Fast Multiple String-Pattern Matching Algorithm. In: Proc. 17th AoM/IAoM Int’l Conf. Computer Science (August 1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. CSE Dept., Arulmigu Meenakshi Amman College of Engg, Thiruvannamalai Dt, Near Kanchipuram, India

    N. Kannaiya Raja & B. RajaRajeswari

  2. CSE Department, Ganadipathy Tulsi’s Jain Engineering College, Vellore, India

    K. Arulanandam

Authors
  1. N. Kannaiya Raja
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. K. Arulanandam
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. B. RajaRajeswari
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computing Science and Engineering, VIT University, 632014, Vellore, TN, India

    P. Venkata Krishna

  2. School of Computing and Engineering, VIT University, 632014, Vellore, TN, India

    M. Rajasekhara Babu

  3. London Metropolitan University, UK

    Ezendu Ariwa

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kannaiya Raja, N., Arulanandam, K., RajaRajeswari, B. (2012). Centralized Parallel Form of Pattern Matching Algorithm in Packet Inspection by Efficient Utilization of Secondary Memory in Network Processor. In: Krishna, P.V., Babu, M.R., Ariwa, E. (eds) Global Trends in Computing and Communication Systems. ObCom 2011. Communications in Computer and Information Science, vol 269. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29219-4_76

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29219-4_76

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29218-7

  • Online ISBN: 978-3-642-29219-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation