Research on range matching for wire-speed hardware NIDS
To solve the rule matching problem of hardware NIDS,a range matching algorithm LRC-RM was proposed,with more efficient memory utilization.The approach mapped the port range into a compressed bit vector and organized the bit vectors as an extended balanced binary tree.Experiments were employed to sho...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2006-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/74662610/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841537399034740736 |
|---|---|
| author | CHEN Shu-hui SUN Zhi-gang SU Jin-shu |
| author_facet | CHEN Shu-hui SUN Zhi-gang SU Jin-shu |
| author_sort | CHEN Shu-hui |
| collection | DOAJ |
| description | To solve the rule matching problem of hardware NIDS,a range matching algorithm LRC-RM was proposed,with more efficient memory utilization.The approach mapped the port range into a compressed bit vector and organized the bit vectors as an extended balanced binary tree.Experiments were employed to show that NIDS using this approach can perform wire-speed range matching for OC-192 links,while saving 99% memory resource comparing to the existing methods.The algorithm is easy to be implemented within a chip without additional RAM. |
| format | Article |
| id | doaj-art-981c5b73b42c44329332df7af32d15d6 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2006-01-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-981c5b73b42c44329332df7af32d15d62025-01-14T08:37:34ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2006-01-0171274662610Research on range matching for wire-speed hardware NIDSCHEN Shu-huiSUN Zhi-gangSU Jin-shuTo solve the rule matching problem of hardware NIDS,a range matching algorithm LRC-RM was proposed,with more efficient memory utilization.The approach mapped the port range into a compressed bit vector and organized the bit vectors as an extended balanced binary tree.Experiments were employed to show that NIDS using this approach can perform wire-speed range matching for OC-192 links,while saving 99% memory resource comparing to the existing methods.The algorithm is easy to be implemented within a chip without additional RAM.http://www.joconline.com.cn/zh/article/74662610/computer networkintrusion detectionhardware acceleratingpacket classifyrange matching |
| spellingShingle | CHEN Shu-hui SUN Zhi-gang SU Jin-shu Research on range matching for wire-speed hardware NIDS Tongxin xuebao computer network intrusion detection hardware accelerating packet classify range matching |
| title | Research on range matching for wire-speed hardware NIDS |
| title_full | Research on range matching for wire-speed hardware NIDS |
| title_fullStr | Research on range matching for wire-speed hardware NIDS |
| title_full_unstemmed | Research on range matching for wire-speed hardware NIDS |
| title_short | Research on range matching for wire-speed hardware NIDS |
| title_sort | research on range matching for wire speed hardware nids |
| topic | computer network intrusion detection hardware accelerating packet classify range matching |
| url | http://www.joconline.com.cn/zh/article/74662610/ |
| work_keys_str_mv | AT chenshuhui researchonrangematchingforwirespeedhardwarenids AT sunzhigang researchonrangematchingforwirespeedhardwarenids AT sujinshu researchonrangematchingforwirespeedhardwarenids |