Multi-byte Regular Expression Matching with Speculation

14 years 6 months ago

Download pages.cs.wisc.edu

Intrusion prevention systems determine whether incoming traﬃc matches a database of signatures, where each signature in the database represents an attack or a vulnerability. IPSs need to keep up with ever-increasing line speeds, which leads to the use of custom hardware. A major bottleneck that IPSs face is that they scan incoming packets one byte at a time, which limits their throughput and latency. In this paper, we present a method for scanning multiple bytes in parallel using speculation. We break the packet in several chunks, opportunistically scan them in parallel and if the speculation is wrong, correct it later. We present algorithms that apply speculation in single-threaded software running on commodity processors as well as algorithms for parallel hardware. Experimental results show that speculation leads to improvements in latency and throughput in both cases. Key words: low latency, parallel pattern matching, regular expressions, speculative pattern matching, multi-byte, ...

Daniel Luchaup, Randy Smith, Cristian Estan, Somes

Real-time Traffic

Computer Networks | Ever-increasing Line Speeds | Intrusion Prevention Systems | Pattern Matching | RAID 2009 |

claim paper

Post Info
More Details (n/a)

Added	27 May 2010
Updated	27 May 2010
Type	Conference
Year	2009
Where	RAID
Authors	Daniel Luchaup, Randy Smith, Cristian Estan, Somesh Jha

Comments (0)

Sciweavers

Multi-byte Regular Expression Matching with Speculation

Computer Networks | Ever-increasing Line Speeds | Intrusion Prevention Systems | Pattern Matching | RAID 2009 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers