Specialized hardware for deep network packet filtering

被引：0

作者：

Cho, YH ^{[1
]}

Navab, S ^{[1
]}

Mangione-Smith, WH ^{[1
]}

机构：

[1] Univ Calif Los Angeles, Los Angeles, CA 91311 USA

来源：

FIELD-PROGRAMMABLE LOGIC AND APPLICATIONS, PROCEEDINGS: RECONFIGURABLE COMPUTING IS GOING MAINSTREAM | 2002年 / 2438卷

关键词：

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Many computer network provide limited security through simple firewall feature in router and switch. Some networks that require higher security use deep packet filter to capture packets that can not be detected by simple firewall. Deep packet filters use list of rules for determining safety of packets. There is a high degree of parallelism in processing these rules because each rule represent independent pattern matching process. We find that the underlying architecture for existing software and hardware firewalls do not fully take advantage of this parallelism. Thus, we design a deep packet filtering firewall on a field programmable gate array (FPGA) to take advantage of the parallelism while retaining its programmability. Our implementation is capable of processing over 2.88 gigabits per second of network stream on an Altera EP20K series FPGA without manual optimization.

引用

页码：452 / 461

页数：10

共 50 条

[1] Network Packet Filtering and Deep Packet Inspection Hybrid Mechanism for IDS Early Packet Matching
Trabelsi, Zouheir
Zeidan, Safaa
Masud, Mohammad M.
[J]. IEEE 30TH INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS IEEE AINA 2016, 2016, : 808 - 815
[2] Hardware Implementation of IP Packet Filtering in FPGA
Cholakoska, Ana
Efnusheva, Danijela
Kalendar, Marija
[J]. PROCEEDINGS OF THE 7TH INTERNATIONAL CONFERENCE ON APPLIED INNOVATIONS IN IT, VOL 7, ISSUE 1, 2019, 7 (01): : 23 - 29
[3] Randomized Packet Filtering through Specialized Partitioning of Rulesets
Abeni, Luca
Bonelli, Nicola
Procissi, Gregorio
[J]. IEEE COMMUNICATIONS LETTERS, 2013, 17 (12) : 2380 - 2383
[4] Packet Filtering by Artificial Neural Network
Turcanik, Michal
[J]. INTERNATIONAL CONFERENCE ON MILITARY TECHNOLOGIES (ICMT 2015), 2015, : 415 - 418
[5] Deep Packet Inspection: Algorithms, Hardware, and Applications
Lin, Ying-Dar
Lin, Po-Ching
Prasanna, Viktor K.
Chao, H. Jonathan
Lockwood, John W.
[J]. IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, 2014, 32 (10) : 1781 - 1783
[6] Using network processors for packet filtering
Millard, BR
Pandya, S
Miller, DS
[J]. PDPTA '05: Proceedings of the 2005 International Conference on Parallel and Distributed Processing Techniques and Applications, Vols 1-3, 2005, : 497 - 503
[7] Design of packet filtering on network processor
Kim, YH
Kim, JN
[J]. SAM '05: Proceedings of the 2005 International Conference on Security and Management, 2005, : 213 - 218
[8] A high-throughput system architecture for deep packet filtering in network intrusion prevention
Kim, DY
Kim, S
Choi, L
Kim, H
[J]. ARCHITECTURE OF COMPUTING SYSTEMS - ARCS 2006, PROCEEDINGS, 2006, 3894 : 407 - 421
[9] Deep Packet Inspection on Commodity Hardware using FastFlow
Danelutto, M.
Deri, L.
De Sensi, D.
Torquati, M.
[J]. PARALLEL COMPUTING: ACCELERATING COMPUTATIONAL SCIENCE AND ENGINEERING (CSE), 2014, 25 : 92 - 99
[10] Deep Packet Inspection Research Based On Hardware Acceleration
Guo Lei
Wang Yadi
Zhu Ke
[J]. 2012 INTERNATIONAL CONFERENCE ON INDUSTRIAL CONTROL AND ELECTRONICS ENGINEERING (ICICEE), 2012, : 1984 - 1986

← 1 2 3 4 5 →