In this paper, we identify the unique challenges in deploying parallelism on TCAM-based pattern matching for Network Intrusion Detection Systems (NIDSes). We resolve two critical issues when designing scalable parallelism specifically for pattern matching modules: 1) how to enable fine-grained parallelism in pursuit of effective load balancing and desirable speedup simultaneously; and 2) how to reconcile the tension between parallel processing speedup and prohibitive TCAM power consumption. To this end, we first propose the novel concept of Negative Pattern Matching to partition flows, by which the number of TCAM lookups can be significantly reduced, and the resulting (fine-grained) flow segments can be inspected in parallel without incurri...
Abstract—With the increasing growth of the Internet, the explosion of attacks and viruses significan...
In this paper, we consider hardware-based scanning and analyzing packets payload in order to detect ...
Abstract. Network security is very important for Internet-connected hosts because of the widespread ...
[[abstract]]Network Intrusion Detection Systems (NIDS) are one of the latest developments in securit...
At the heart of almost every modern Network Intrusion Detection System (NIDS), there is a pattern ma...
[[abstract]]Network intrusion detection system is used to inspect packet contents against thousands ...
[[abstract]]Due to the advantages of easy re-configurability and scalability, the memory-based strin...
Pattern matching is a key building block of Intrusion Detection Systems and firewalls, which are dep...
Abstract- A clear trend that can be observed in the Internet is the increasing amount of packet data...
Abstract—Network Intrusion Detection System (NIDS) is a system developed for identifying attacks by ...
[[abstract]]As more and more network security threats are emerging today, the network-based intrusio...
Multiple pattern matching algorithms are essential engines of Network Intrusion Detection Systems (N...
Abstract — Pattern matching is a significant issue in intrusion detection systems (IDS), as it is re...
Since frequent communication between applications takes place in high speed networks, deep packet in...
Network security is very important for Internet-connected hosts because of the widespread of worms, ...
Abstract—With the increasing growth of the Internet, the explosion of attacks and viruses significan...
In this paper, we consider hardware-based scanning and analyzing packets payload in order to detect ...
Abstract. Network security is very important for Internet-connected hosts because of the widespread ...
[[abstract]]Network Intrusion Detection Systems (NIDS) are one of the latest developments in securit...
At the heart of almost every modern Network Intrusion Detection System (NIDS), there is a pattern ma...
[[abstract]]Network intrusion detection system is used to inspect packet contents against thousands ...
[[abstract]]Due to the advantages of easy re-configurability and scalability, the memory-based strin...
Pattern matching is a key building block of Intrusion Detection Systems and firewalls, which are dep...
Abstract- A clear trend that can be observed in the Internet is the increasing amount of packet data...
Abstract—Network Intrusion Detection System (NIDS) is a system developed for identifying attacks by ...
[[abstract]]As more and more network security threats are emerging today, the network-based intrusio...
Multiple pattern matching algorithms are essential engines of Network Intrusion Detection Systems (N...
Abstract — Pattern matching is a significant issue in intrusion detection systems (IDS), as it is re...
Since frequent communication between applications takes place in high speed networks, deep packet in...
Network security is very important for Internet-connected hosts because of the widespread of worms, ...
Abstract—With the increasing growth of the Internet, the explosion of attacks and viruses significan...
In this paper, we consider hardware-based scanning and analyzing packets payload in order to detect ...
Abstract. Network security is very important for Internet-connected hosts because of the widespread ...