Pre-Decoded CAMs for Efficient and High-Speed NIDS Pattern Matching

14 years 3 months ago

Download www.ist-scampi.org

In this paper we advocate the use of pre-decoding for CAM-based pattern matching. We implement an FPGA based sub-system for NIDS (Snort) pattern matching using a combination of techniques. First, we reduce the area cost of character matching using (i) character pre-decoding before they are compared in the CAM line, and (ii) efficient shift register implementation using the SRL16 Xilinx cell. Second we achieve high operating frequencies by (iii) using fine grain pipelining for faster circuits and (iv) decoupling the data distribution network from the processing components. Our results show that for matching more than 18,000 characters (the entire SNORT rule set) our implementation

Ioannis Sourdis, Dionisios N. Pnevmatikatos

Real-time Traffic

CAM-based Pattern Matching | FCCM 2004 | FPGA Based Sub-system | Pattern Matching | VLSI |

claim paper

Post Info
More Details (n/a)

Added	20 Aug 2010
Updated	20 Aug 2010
Type	Conference
Year	2004
Where	FCCM
Authors	Ioannis Sourdis, Dionisios N. Pnevmatikatos

Comments (0)

Sciweavers

Pre-Decoded CAMs for Efficient and High-Speed NIDS Pattern Matching

CAM-based Pattern Matching | FCCM 2004 | FPGA Based Sub-system | Pattern Matching | VLSI |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers