Share Email Print
cover

Proceedings Paper

Implementation of Karp-Rabin string matching algorithm in reconfigurable hardware for network intrusion prevention system
Author(s): Jakub Botwicz; Piotr Buciak; Piotr Sapiecha
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

Intrusion Prevention Systems (IPSs) have become widely recognized as a powerful tool and an important element of IT security safeguards. The essential feature of network IPSs is searching through network packets and matching multiple strings, that are fingerprints of known attacks. String matching is highly resource consuming and also the most significant bottleneck of IPSs. In this article an extension of the classical Karp-Rabin algorithm and its implementation architectures were examined. The result is a software, which generates a source code of a string matching module in hardware description language, that could be easily used to create an Intrusion Prevention System implemented in reconfigurable hardware. The prepared module matches the complete set of Snort IPS signatures achieving throughput of over 2 Gbps on an Altera Stratix I1 evaluation board. The most significant advantage of the proposed architecture is that the update of the patterns database does not require reconfiguration of the circuitry.

Paper Details

Date Published: 26 April 2006
PDF: 8 pages
Proc. SPIE 6159, Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments IV, 615936 (26 April 2006); doi: 10.1117/12.674873
Show Author Affiliations
Jakub Botwicz, Warsaw Univ. of Technology (Poland)
Piotr Buciak, Warsaw Univ. of Technology (Poland)
Piotr Sapiecha, Warsaw Univ. of Technology (Poland)


Published in SPIE Proceedings Vol. 6159:
Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments IV
Ryszard S. Romaniuk, Editor(s)

© SPIE. Terms of Use
Back to Top