LIÊN KẾT WEBSITE
Eceb: Enhanced constraint repetition block for regular expression matching on FPGA
ECTI Transactions on Electrical Engineering, Electronics, and Communications Số 1, năm 2011 (Tập 9, trang 65-74)
ISSN: 16859545
ISSN: 16859545
DOI:
Tài liệu thuộc danh mục: Scopus
Article
English
Tóm tắt tiếng anh
Recent Network Intrusion Detection Systems (NIDSs) utilize Perl Compatible Regular Expression to describe malicious patterns existing in the content payload of packets more and more effciently. Several techniques are introduced to optimize the performance or complete the system for full support all of PCRE features in hardware platform, but some issues have just been solved partially. Constraint Repetition is among important characteristics of PCRE but its effective hardware-based implementation solutions are still limited. This paper describes an Enhanced Constraint rEpetition Block (ECEB) for regular expression matching engine in FPGA. To support more PCRE features, we improve our implementation to handle flag 'm' modifier. We also implement the block memory (BRAM) based character matching which saves a lot of LUTs and effectively improves overall system's throughput com-pared to related techniques. A software tool-chain for autogenerating PCRE matching system is also introduced. We do experiments on lowcost XC2VP50 Xilinx Virtex II Pro chip with the rule set of SNORT, an open source NIDS, to evaluate our implementation. The results verify that our architecture can achieve throughput up to 1Gbps and save up to 90% hardware resources compared with the conventional architecture.