Abstract
The Network detection engine have capable of inspecting the packet and find out increasing number of network worms and virus . The high level of network providing packet inspection in detection system and the network equipments applies the predefined pattern to identify and manage the monitor packet over the network. Therefore consequently the emerging high level network equipments need to contribute pattern matching and packet inspection. However, searching for patterns at multiple offsets in entire content of network packet requires more processing power than most general purpose processor can provide. We present a novel architecture for programmable centralized parallel pattern matching algorithm for efficient packet inspection with network processor . We mapped our centralized multi parallel pattern matching algorithm [CNMPPMA] for filter packet in parallel. The simulation result reveals that CNMPPMA significantly improves the matching performance.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Snort (2008), http://www.snort.org
Antonatos, S., Anagnostakis, K.G., Markatos, E.P.: Generating Realistic Workloads for Network Intrusion Detection Systems. In: Proc. Fourth Int’l ACM Workshop Software and Performance, WOSP (2004)
Horspool, R.N.: Practical Fast Searching in Strings. Software Practice and Experience 10(6), 501–506 (1980)
Aho, A.V., Corasick, M.J.: Efficient String Matching: An Aid to Bibliographic Search. Comm. ACM 18(6), 330–340 (1975)
Fisk, M., Varghese, G.: Fast Content-Based Packet Handling for Intrusion Detection, UCSD Technical Report CS2001-0670 (May 2001)
Erdogan, O., Cao, P.: Hash-AV: Fast Virus Signature Scanning by Cache-Resident Filters. In: Proc. IEEE Global Telecomm. Conf. (GLOBECOM 2005) (November 2005)
Lakshmanamurthy, S., Liu, K.-Y., Pun, Y., Huston, L., Naik, U.: Network Processor Performance Analysis Methodology. Intel. Technology J. 6 (August 2002)
Tuck, N., Sherwood, T., Calder, B., Varghese, G.: Deterministic Memory-Efficient String Matching Algorithms for Intrusion Detection. In: Proc. IEEE INFOCOM (March 2004)
Sheu, T.-F., Huang, N.-F., Lee, H.-P.: A Novel Hierarchical Matching Algorithm for Intrusion Detection Systems. In: Proc. IEEE Global Telecomm. Conf, GLOBECOM 2005 (November 2005)
Wu, S., Manber, U.: A Fast Algorithm for Multi-Pattern Searching, Technical Report TR94-17, Dept. Computer Science, Univ. of Arizona (May 1994)
Markatos, E., Antonatos, S., Polychronakis, M., Anagnostakis, K.: Exclusion-Based Signature Matching for Intrusion Detection. In: Proc. IASTED Int’l Conf. Comm. and Computer Networks, CCN 2002 (October 2002)
Liu, R.-T., Huang, N.-F., Chen, C.-H., Kao, C.-N.: A Fast String Matching Algorithm for Network Processor-Based Intrusion Detection System. ACM Trans. Embedded Computing Systems 3(3) (August 2004)
Boyer, R.S., Moor, J.S.: A Fast String Searching Algorithm. Comm. ACM 20(10), 762–772 (1977)
Sheu, T.-F., Huang, N.-F., Lee, H.-P.: A Time- and Memory-Efficient String Matching Algorithm for Intrusion Detection Systems. In: Proc. IEEE Global Telecomm. Conf. (GLOBECOM 2006) (November 2006)
Coit, C.J., Staniford, S., McAlerney, J.: Towards Faster StringMatching for Intrusion Detection or Exceeding the Speed of Snort. In: Proc. Second DARPA Information Survivability Conf. and Exposition (DISCEX) (2001)
Antonatos, S., Polychronakis, M., Akritidis, P., Anagnostakis, K.G., Markatos, E.P.: Piranha: Fast and Memory-Efficient Pattern Matching for Intrusion Detection. In: Proc. 20th IFIP Int’l Information Security Conf. (SEC 2005) (May 2005)
Li, S., Torresen, J., Soraasen, O.: Exploiting Reconfigurable Hardware for Network Security. In: Proc. 11th Ann. IEEE Symp. Field-Programmable Custom Computing Machines (FCCM) (2003)
Kim, S., Kim, Y.: A Fast Multiple String-Pattern Matching Algorithm. In: Proc. 17th AoM/IAoM Int’l Conf. Computer Science (August 1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kannaiya Raja, N., Arulanandam, K., RajaRajeswari, B. (2012). Centralized Parallel Form of Pattern Matching Algorithm in Packet Inspection by Efficient Utilization of Secondary Memory in Network Processor. In: Krishna, P.V., Babu, M.R., Ariwa, E. (eds) Global Trends in Computing and Communication Systems. ObCom 2011. Communications in Computer and Information Science, vol 269. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29219-4_76
Download citation
DOI: https://doi.org/10.1007/978-3-642-29219-4_76
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29218-7
Online ISBN: 978-3-642-29219-4
eBook Packages: Computer ScienceComputer Science (R0)