Conference Proceeding
Implementation results of bloom filters for string matching
Appl. Res. Lab., Washington Univ., USA;
05/2004;
DOI:10.1109/FCCM.2004.41
ISBN: 0-7695-2230-0 pp.322- 323 In proceeding of: Field-Programmable Custom Computing Machines, 2004. FCCM 2004. 12th Annual IEEE Symposium on
Source: IEEE Xplore
-
Citations (0)
- Cited In (8)
-
Article: Efficient signature based malware detection on mobile devices.
Mobile Information Systems. 01/2008; 4:33-49. -
Article: A Survey on the Application of FPGAs for Network Infrastructure Security.
IEEE Communications Surveys and Tutorials. 01/2011; 13:541-561. -
Article: Realizing a Sub-Linear Time String-Matching Algorithm With a Hardware Accelerator Using Bloom Filters
[show abstract] [hide abstract]
ABSTRACT: Many network security applications rely on string matching to detect intrusions, viruses, spam, and so on. Since software implementation may not keep pace with the high-speed demand, turning to hardware-based solutions becomes promising. This work presents an innovative architecture to realize string matching in sub-linear time based on algorithmic heuristics, which come from parallel queries to a set of space-efficient Bloom filters. The algorithm allows skipping characters not in a match in the text, and in turn simultaneously inspect multiple characters in effect. The techniques to reduce the impact of certain bad situations on performance are also proposed: the bad-block heuristic, a linear worst-case time method and a non-blocking interface to hand over the verification job to a verification module. This architecture is simulated with both behavior simulation in C and timing simulation in HDL for antivirus applications. The simulation shows that the throughput of scanning Windows executable files for more than 10000 virus signatures can achieve 5.64 Gb/s, while the worst-case performance is 1.2 Gb/s if the signatures are properly specified.IEEE Transactions on Very Large Scale Integration (VLSI) Systems 09/2009; · 1.22 Impact Factor
Data provided are for informational purposes only. Although carefully collected, accuracy cannot be guaranteed.
The impact factor represents a rough estimation of the journal's impact factor and does not reflect the actual
current impact factor.
Publisher conditions are provided by RoMEO. Differing provisions from the publisher's actual policy or licence
agreement may be applicable.
Keywords
circuit scans
field programmable gate array
FPX platform
malicious content
Network intrusion detection
prevention systems
scan Internet packets
single Xilinx VirtexE 2000 FPGA
strings
