Abstract
Virus detection at the router level is rapidly gaining in importance. Hardware-based implementations have the advantage of speed and hence can support a large throughput. In this paper we describe an FPGA-based implementation of the Bloom filter virus detection code that is compiled from the native C to VHDL and mapped onto a Virtex XC2V8000 FPGA. Our results show that a single engine tailored for handling virus signatures of length eight bytes can achieve a throughput of 18.6 Gbps while occupying only 8% of the FPGA area.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Attig, M., Dharmapurikar, S., Lockwood, J.: Implementation Results of Bloom Filters for String Matching. In: Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM 2004), pp. 322–323 (2004)
Baker, Z., Prasanna, V.K.: High Throughput Linked-Pattern Matching for Intrusion Detection Systems. In: Proceedings of Symposium on Architectures for Networking and Communication Systems (ANCS 2005), Princeton, New Jersey (October 2005)
Bloom, B.H.: Space/time tradeoffs in hash coding with allowable errors. Communications of the ACM 13(7), 422–426 (1976)
Cho, Y.H., Smith, W.M.: Specialized Hardware for deep packet filtering. In: Proceedings of the 12th International Conference on Field Programmable Logic and Applications, France (2002)
Clark, C.R., Schimmel, D.E.: Scalable Parallel Pattern-Matching on High-Speed Networks. In: IEEE Symposium on Field-Programmable Custom Computing Machines, Napa, California (April 2004)
Gokhale, M., Dubois, D., Dubois, A., Boorman, M., Poole, S., Hogsett, V.: Granidt: Towards gigabit rate network intrusion detection technology. In: Proceedings of International Conference on Field Programmable Logic and Applications, pp. 404–413 (2002)
Kulkarni, D., Najjar, W., Rinker, R., Kurdahi, F.: Fast Area Estimation to Support Compiler Optimizations in FPGAbased Reconfigurable Systems. In: IEEE Symp. on Field-Programmable Custom Computing Machines (FCCM), Napa, CA (April 2002)
Moscola, J., Lockwood, J., Loui, R.P., Pachos, M.: Implementation of a content-scanning module for an internet firewall. In: Proceedings of the IEEE Symposium on Field-Programmable Custom Computing Machines (2003)
Papadopoulos, G., Pnevmatikatos, D.: Hashing + Memory = Low Cost, Exact Pattern Matching. In: Proceedings of 15th International Conference on Field Programmable Logic and Applications, Tampere, Finlad (August 2005)
Sourdis, I., Pnevmatikatos, D.: Fast, large-scale string match for a 10Gbps FPGA-based network intrustion detection system. In: Proceedings of International Conference on Field Programmable Logic and Applications (2003)
SUIF Compiler System, http://suif.stanford.edu
Machine-SUIF, http://www.eecs.harvard.edu/hube/research/machsuif.html
Guo, Z., Buyukkurt, B., Najjar, W., Vissers, K.: Optimized Generation of Data-Path from C Codes. In: ACM/IEEE Design Automation and Test Europe (DATE), Munich, Germany (March 2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Suresh, D.C., Guo, Z., Buyukkurt, B., Najjar, W.A. (2006). Automatic Compilation Framework for Bloom Filter Based Intrusion Detection. In: Bertels, K., Cardoso, J.M.P., Vassiliadis, S. (eds) Reconfigurable Computing: Architectures and Applications. ARC 2006. Lecture Notes in Computer Science, vol 3985. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11802839_49
Download citation
DOI: https://doi.org/10.1007/11802839_49
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36708-6
Online ISBN: 978-3-540-36863-2
eBook Packages: Computer ScienceComputer Science (R0)