簡易檢索 / 詳目顯示
| 研究生: |
江長平 Chang-Ping Jiang |
|---|---|
| 論文名稱: |
比對正規表示式之硬體設計 Hardware Design of Regular Expression Matching |
| 指導教授: |
張世杰
Shih-Chieh Chang |
| 口試委員: | |
| 學位類別: |
碩士 Master |
| 系所名稱: |
電機資訊學院 - 資訊工程學系 Computer Science |
| 論文出版年: | 2006 |
| 畢業學年度: | 94 |
| 語文別: | 英文 |
| 論文頁數: | 31 |
| 中文關鍵詞: | 正規表示式 、硬體設計 |
| 外文關鍵詞: | regular expression, hardware design |
| 相關次數: | 點閱:2 下載:0 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
正規表示式在網路入侵偵測系統被廣泛地使用來表示攻擊的病毒碼。之前已經有許多的硬體架構被提出來加速比對正規表示式。在這篇論文裡,我們專注在兩種硬體架構上,一種使用可程式化邏輯閘陣列,其上之邏輯單元的可重新設計功能可用來更新病毒碼。另一種硬體架構是使用以記憶體為基礎的演算法。在第一種邏輯單元為基礎的架構,雖然縮小邏輯方程式在電腦輔助設計領域已經被深入的研究,但是,研究如何縮小多個正規表示式卻被忽略。這篇論文提出了一個新的分享架構允許我們的演算法去取出共同的正規表示式部份以及分享共同部份。實驗結果顯示我們的分享架構可以有效地降低比對正規表示式之電路的面積。在第二種使用記憶體為基礎之演算法的架構,這篇論文也提出了一個新的演算法,可以有效地分享共同的部分字串,實驗結果也顯示我們的演算法可以降低記憶體的使用。
Regular expressions are widely used in Network Intrusion Detection System (NIDS) to represent attack patterns. Previously, many hardware architectures have been proposed to accelerate regular expression matching. In this thesis, we concentrate on two hardware architectures. One uses reconfigurable logic module on FPGA because FPGA allows for updating new attack patterns. The other uses memory-based algorithm. For the first logic-based architecture, because of increasing number of attacks, we need to accommodate large number of regular expressions on FPGA. Although the minimization of logic equations has been studied intensively in the area of computer-aided design (CAD), the minimization of multiple regular expressions has been largely neglected. This thesis presents a novel sharing architecture allowing our algorithm to extract and share common sub-regular expressions. Experimental results show that our sharing scheme significantly reduces the area of regular expression pattern matching circuits. For the second memory-based architecture, this thesis presents a novel sharing mechanism allowing our algorithm to share common sub-patterns resulting in the significant reduction of memory.
[1] R. Sidhu and V. K. Prasanna, “Fast regular expression matching using FPGAs,” in Proc. of the 9th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM '01), Apr. 2001, pp. 227-238.
[2] B. L. Hutchings, R. Franklin and D. Carver, “Assisting Network Intrusion Detection with Reconfigurable Hardware,” in Proc. of the10th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM’02), Sep. 2002.
[3] J. Moscola, J. Lockwood, R. P. Loui and M. Pachos, “Implementation of a Content-Scanning Module for an Internet Firewall,” in Proc. of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM’03), Apr. 2003.
[4] Z. K. Baker, V. K. Prasanna, “Time and area efficient pattern matching on FPGAs,” in Proc. of the 2004 ACM/SIGDA 12th International Symposium on Field Programmable Gate Arrays, Feb. 2004, pp. 223-232.
[5] Y. H. Cho and W. H. Mangione-Smith, “A Pattern Matching co-processor for Network Security,” in Proc. of the 42nd Design Automation Conference (DAC), June, 2005.
[6] S. Dharmapurikar and J. W. Lockwood. “Fast and Scalable Pattern Matching for Content Filtering,” Proceedings of Symposium on Architectures for Networking and Communications Systems (ANCS), Oct 2005.
[7] F. Yu, R. Katz, and T. V. Lakshman, “Gigabit Rate Multiple-Pattern Matching with TCAM,” (ICNP 2004)
[8] M. Roesch. “Snort- lightweight Intrusion Detection for networks,” in Proc. of LISA99, the 15th Systems Administration Conference, 1999.
[9] M. Aldwairi, T. Conte, and P. Franzon, “Configurable String Matching Hardware for Speeding up Intrusion Detection,” ACM SIGARCH Computer Architecture News, vol. 33, No. 1, March 2005.
[10] A. Aho and M. Corasick. Efficient string matching:An aid to bibliographic search, In Communications of the ACM, vol. 18, no.6, pp.333-343, June 1975
全文公開日期 本全文未授權公開 (校內網路)全文公開日期 本全文未授權公開 (校外網路)