本文已被:浏览 1533次 下载 3765次
Received:January 20, 2010 Revised:March 01, 2010
Received:January 20, 2010 Revised:March 01, 2010
中文摘要: 网络入侵防御系统是维护网络安全的重要工具之一。特征匹配引擎是网络入侵防御系统的计算核心,用于从网络包中搜索出已知网络攻击的特征数据。对于现有的网络入侵防御系统,特征匹配引擎在整个系统中占据很大比例的计算时间。特征匹配属于计算密集型应用,对于底层的计算能力具有很高的要求。提出了一种并行特征匹配算法,并充分利用底层硬件特征,将提出的算法映射到现有的多核处理器上。在IBM System x3455上实现的系统具有高达17.2Gbps的处理速度和5万字条的特征字典容量,其处理速度和特征字典容量超过现有文献中的结果
Abstract:Network Intrusion Prevention System (NIPS) is one of the effective tools in providing network security. The core computing function of an NIPS is Pattern Matching Engine (PME), which is used to search pattern data of a known network intrusion from network packages. In current NIPS, PME consumes a significant portion of the computing time. PME is a computing consuming application, requiring high level performance from the system’s base computing power. This article proposes a parallel pattern matching approach and maps the computation onto the existing multi-core CPU by fully utilizing the computing power of the base hardware structure of the prevention system. The implementation of the proposed approach on IBM System x3455 server shows that it provides a typical processing speed of 17.2 Gbps with a capacity of 50,000 pattern signatures, which has exceeded the results of all current documentation, including FPGA, ASIC, network CPU, and GPU.
文章编号: 中图分类号: 文献标志码:
基金项目:
Author Name | Affiliation |
WANG En-Hai | 中国科学院计算机网络信息中心 北京 100190;中国科学院 研究生院 北京 100049 |
Author Name | Affiliation |
WANG En-Hai | 中国科学院计算机网络信息中心 北京 100190;中国科学院 研究生院 北京 100049 |
引用文本:
王恩海.特征匹配引擎设计与实现.计算机系统应用,2010,19(9):115-119
WANG En-Hai.Design and Implementation of Pattern Matching Engine.COMPUTER SYSTEMS APPLICATIONS,2010,19(9):115-119
王恩海.特征匹配引擎设计与实现.计算机系统应用,2010,19(9):115-119
WANG En-Hai.Design and Implementation of Pattern Matching Engine.COMPUTER SYSTEMS APPLICATIONS,2010,19(9):115-119