Skip content, jump to navigation.

Jump to : Download | Abstract | Keywords | Contact | BibTex reference | EndNote reference |

M-HPMNTAGE-07

Gregor Maier. Hardware Pattern Matching for Network Traffic Analysis in Gigabit Environments. Diplomarbeit Technische Universität München, Munich, Germany, May 2007.

Download [help]

Download paper: Adobe portable document (pdf)

Copyright notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.

Abstract

Pattern Matching is an important task in various applications, including network traffic analysis and intrusion detection. In modern high speed gigabit networks it becomes unfeasible to search for patterns using pure software implementations, due to the amount of data that must be searched. Furthermore applications employing pattern matching often need to search for several patterns at the same time. In this thesis we explore the possibilities of using FPGAs for hardware pattern matching. We analyze the applicability of various pattern matching algorithms for hardware implementation and implement a Rabin-Karp and an approximate pattern matching algorithm in Endaces network measurement cards using VHDL. The implementations are evaluated and compared to pure software matching solutions. To demonstrate the power of hardware pattern matching, an example application for traffic accounting using hardware pattern matching is presented as a proof-of-concept. Since some systems like network intrusion detection systems analyze reassembled TCP streams, possibilities for hardware TCP reassembly combined with hardware pattern matching are discussed as well.

Keywords

[ Im ] [ Da ]

Contact

Gregor Maier

BibTex Reference

@MastersThesis{M-HPMNTAGE-07,
   Author = {Maier, Gregor},
   Title = {Hardware Pattern Matching for Network Traffic Analysis        in Gigabit Environments},
   School = {Technische Universität München, Munich, Germany},
   Type = {Diplomarbeit},
   Month = {May},
   Year = {2007}
}

EndNote Reference [help]

Get EndNote Reference (.ref)

It has been automatically generated using the bib2html program.