CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 6159 > Article
Paper
26 April 2006 Implementation of Karp-Rabin string matching algorithm in reconfigurable hardware for network intrusion prevention system
Jakub Botwicz, Piotr Buciak, Piotr Sapiecha
Author Affiliations +
Proceedings Volume 6159, Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments IV; 615936 (2006) https://doi.org/10.1117/12.674873
Event: Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments IV, 2005, Wilga, Poland
Abstract
Intrusion Prevention Systems (IPSs) have become widely recognized as a powerful tool and an important element of IT security safeguards. The essential feature of network IPSs is searching through network packets and matching multiple strings, that are fingerprints of known attacks. String matching is highly resource consuming and also the most significant bottleneck of IPSs. In this article an extension of the classical Karp-Rabin algorithm and its implementation architectures were examined. The result is a software, which generates a source code of a string matching module in hardware description language, that could be easily used to create an Intrusion Prevention System implemented in reconfigurable hardware. The prepared module matches the complete set of Snort IPS signatures achieving throughput of over 2 Gbps on an Altera Stratix I1 evaluation board. The most significant advantage of the proposed architecture is that the update of the patterns database does not require reconfiguration of the circuitry.
© (2006) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Jakub Botwicz, Piotr Buciak, and Piotr Sapiecha "Implementation of Karp-Rabin string matching algorithm in reconfigurable hardware for network intrusion prevention system", Proc. SPIE 6159, Photonics Applications in Astronomy, Communications, Industry, and High-Energy Physics Experiments IV, 615936 (26 April 2006); https://doi.org/10.1117/12.674873
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 8 PAGES
DOWNLOAD PAPER SAVE TO MY LIBRARY
GET CITATION
Lens.org Logo
CITATIONS
Cited by 2 scholarly publications.
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Databases
Field programmable gate arrays
Computer intrusion detection
Data processing
Information technology
Clocks
Computer programming
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top