Shaik et al., 2025 - Google Patents
Energy efficient and high throughput prefix-based pattern matching technique on TCAMs for NIDSShaik et al., 2025
- Document ID
- 954825409973183504
- Author
- Shaik S
- Vegesna S
- SK N
- Publication year
- Publication venue
- Integration
External Links
Snippet
Abstract Intrusion Detection System (IDS) is a type of packet filtering that ensures network security by analyzing the packets flowing through the network and detecting any malicious pattern (s) present in them. In signature-based NIDS, pattern matching is the critical step as it …
- 238000000034 method 0 title abstract description 62
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30943—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type
- G06F17/30964—Querying
- G06F17/30979—Query processing
- G06F17/30985—Query processing by using string matching techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30943—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type
- G06F17/30946—Information retrieval; Database structures therefor; File system structures therefor details of database functions independent of the retrieved data type indexing structures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup or address filtering
- H04L45/7453—Address table lookup or address filtering using hashing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20220237128A1 (en) | Content search extension architecture for programmable intelligent search memory | |
| Yu et al. | Gigabit rate packet pattern-matching using TCAM | |
| Becchi et al. | An improved algorithm to accelerate regular expression evaluation | |
| US7831606B2 (en) | Signature search architecture for programmable intelligent search memory | |
| US9129043B2 (en) | 100GBPS security and search architecture using programmable intelligent search memory | |
| Alicherry et al. | High speed pattern matching for network IDS/IPS | |
| Dharmapurikar et al. | Fast and scalable pattern matching for content filtering | |
| Le et al. | A memory-efficient and modular approach for large-scale string pattern matching | |
| US20110029549A1 (en) | Signature search architecture for programmable intelligent search memory | |
| US8272056B2 (en) | Efficient intrusion detection | |
| Xu et al. | A multi-dimensional progressive perfect hashing for high-speed string matching | |
| Karimov et al. | Application of the Aho-Corasick algorithm to create a network intrusion detection system | |
| Fide et al. | A survey of string matching approaches in hardware | |
| Guinde et al. | Efficient hardware support for pattern matching in network intrusion detection | |
| Shaik et al. | Energy efficient and high throughput prefix-based pattern matching technique on TCAMs for NIDS | |
| Tashev et al. | Comparative performance analysis the Aho-Corasick algorithm for developing a network detection system | |
| Xu et al. | Recursive shift indexing: a fast multi-pattern string matching Algorithm | |
| Shaik et al. | A High Throughput Bloom Filter Based TCAM Architecture for Fast NIDS | |
| Tashev et al. | Application of the Aho-Corasick algorithm to create a network intrusion detection system | |
| Liu et al. | FTSE: The FNIP-like TCAM searching engine | |
| Chang et al. | Multi-character processor array for pattern matching in network intrusion detection system | |
| Huang et al. | Accelerating the bit-split string matching algorithm using Bloom filters | |
| Huang et al. | A power-efficient approach to TCAM-based regular expression matching | |
| Zhang et al. | XWM: a high-speed matching algorithm for large-scale URL rules in wireless surveillance applications | |
| Chang et al. | Improved TCAM-based pre-filtering for network intrusion detection systems |