Gregor Maier's Publications

Hardware Pattern Matching for Network Traffic Analysis in Gigabit Environments
Citation key M-HPMNTAGE-07
Author Maier, Gregor
Year 2007
Address Munich, Germany
Month May
School Technische Universit√§t M√ľnchen
Abstract Pattern Matching is an important task in various applications, including network traffic analysis and intrusion detection. In modern high speed gigabit networks it becomes unfeasible to search for patterns using pure software implementations, due to the amount of data that must be searched. Furthermore applications employing pattern matching often need to search for several patterns at the same time. In this thesis we explore the possibilities of using FPGAs for hardware pattern matching. We analyze the applicability of various pattern matching algorithms for hardware implementation and implement a Rabin-Karp and an approximate pattern matching algorithm in Endaces network measurement cards using VHDL. The implementations are evaluated and compared to pure software matching solutions. To demonstrate the power of hardware pattern matching, an example application for traffic accounting using hardware pattern matching is presented as a proof-of-concept. Since some systems like network intrusion detection systems analyze reassembled TCP streams, possibilities for hardware TCP reassembly combined with hardware pattern matching are discussed as well.
Bibtex Type of Publication Diplomarbeit
Link to publication Download Bibtex entry

