Top

Published in:

2018 | OriginalPaper | Chapter

High Performance Regular Expression Matching on FPGA

Authors : Jiajia Yang, Lei Jiang, Xu Bai, Qiong Dai

Published in: Collaborative Computing: Networking, Applications and Worksharing

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Deep Packet Inspection (DPI) technology has been widely deployed in Network Intrusion Detection System (NIDS) to detect attacks and viruses. State-of-the-art NIDS uses Deterministic Finite Automata (DFA) to perform regular expression matching for its stable matching speed. However, traditional DFA algorithm’s throughput is limited by the input character’s width (usually one character per time). In this paper, we present an architecture named Parallel-DFA to accelerate regular expression matching by scanning multiple characters per time. Experimental results show that, our architecture can achieve as high as 1200 Gbps (1.17 Tbps) rate on current single Field-Programmable Gate Array (FPGA) chip. This makes it a very practical solution for NIDS in 100G Ethernet standard network, which is currently the fastest approved standard of Ethernet. To the best of our knowledge, this is the fastest matching performance architecture on a single FPGA chip. Besides, the throughput is nearly 3 orders of magnitude (916\(\times \)) than that of original DFA implemented on software. Our architecture is about 183.2\(\times \) efficiency than that of original DFA.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Formal Verification of Authorization Policies for Enterprise Social Networks Using PlusCal-2

next chapter Adaptive Carving Method for Live FLV Streaming

Dubrawsky, I.: Firewall evolution-deep packet inspection. In: Security Focus, vol. 29 (2003)

Hopcroft, J.E.: Introduction to Automata Theory, Languages, and Computation. Pearson Education India (1979)

Kumar, S., Dharmapurikar, S., Yu, F., Crowley, P., Turner, J.: Algorithms to accelerate multiple regular expressions matching for deep packet inspection. ACM SIGCOMM Comput. Commun. Rev. 36(4), 339–350 (2006)CrossRef

Becchi, M., Crowley, P.: A-DFA: a time-and space-efficient DFA compression algorithm for fast regular expression evaluation. ACM Trans. Arch. Code Optim. (TACO) 10(1), 4 (2013)

Jiang, L., Dai, Q., Tang, Q., Tan, J., Fang, B.: A fast regular expression matching engine for NIDS applying prediction scheme. In: IEEE Symposium on Computers and Communication (ISCC), pp. 1–7. IEEE (2014)

Brodie, B.C., Taylor, D.E., Cytron, R.K.: A scalable architecture for high-throughput regular-expression pattern matching. ACM SIGARCH Comput. Arch. News 34(2), 191–202 (2006)CrossRef

Van Lunteren, J., Rohrer, J., Atasu, K., Hagleitner, C.: Regular expression acceleration at multiple tens of Gb/s. In: 1st Workshop on Accelerators for High-performance Architectures in conjunction with ICS 2009 (2009)

Meiners, C.R., Patel, J., Norige, E., Liu, A.X., Torng, E.: Fast regular expression matching using small TCAM. IEEE/ACM Trans. Netw. (TON) 22(1), 94–109 (2014)CrossRef

Becchi, M., Crowley, P.: Efficient regular expression evaluation: theory to practice. In: Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, pp. 50–59. ACM (2008)

10.

Prithi, S.. Sumathi, S.: Review on grouping algorithms for finite state automata (2016)

11.

The Bro Network Security Monitor. http://www.bro.org

12.

Roesch, M.: Snort: lightweight intrusion detection for networks. LISA 99(1), 229–238 (1999)MathSciNet

13.

Wang, L., Chen, S., Tang, Y., Su, J.: Gregex: GPU based high speed regular expression matching engine. In: 2011 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 366–370. IEEE (2011)

Title: High Performance Regular Expression Matching on FPGA
Authors: Jiajia Yang
Lei Jiang
Xu Bai
Qiong Dai
Publisher: Springer International Publishing
Book: Collaborative Computing: Networking, Applications and Worksharing
Print ISBN: 978-3-030-00915-1

Electronic ISBN: 978-3-030-00916-8

Copyright Year: 2018
DOI: https://doi.org/10.1007/978-3-030-00916-8_50

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"