Laxmi N. Bhuyan scite author profile

Deep Payload Inspection systems like SNORT and BRO utilize regular expression for their rules due to their high expressibility and compactness. The SNORT IDS system uses the PCRE Engine for regular expression matching on the payload. The software based PCRE Engine utilizes an NFA engine based on certain opcodes which are determined by the regular expression operators in a rule. Each rule in the SNORT ruleset is translated by PCRE compiler into an unique regular expression engine. Since the software based PCRE engine can match the payload with a single regular expression at a time, and needs to do so for multiple rules in the ruleset, the throughput of the SNORT IDS system dwindles as each packet is processed through a multitude of regular expressions.In this paper we detail our implementation of hardware based regular expression engines for the SNORT IDS by transforming the PCRE opcodes generated by the PCRE compiler from SNORT regular expression rules. Our compiler generates VHDL code corresponding to the opcodes generated for the SNORT regular expression rules. We have tuned our hardware implementation to utilize an NFA based regular expression engine, using greedy quantifiers, in much the same way as the software based PCRE engine. Our system implements a regular expression only once for each new rule in the SNORT ruleset, thus resulting in a fast system that scales well with new updates. We implement two hundred PCRE engines based on a plethora of SNORT IDS rules, and use a Virtex-4 LX200 FPGA, on the SGI RASC RC 100 Blade connected to the SGI ALTIX 4700 supercomputing system as a testbed. We obtain an interface throughput of (12.9 GBits/s) and also a maximum speedup of 353X over software based PCRE execution.

show abstract

An Adaptive Submesh Allocation Strategy for Two-Dimensional Mesh Connected Systems

Ding

Bhuyan

1993

107

View full text Add to dashboard Cite

In this paper, we propose an adoplivc scan (AS) strategy for submesh allocation. The earlierframe sliding (FS) strategy [I] allocates submeshes based on fixed orientations of incoming faska. It also slides fiunaes om mesh planes by fdzed strides. Our AS a1Iocation strategy diflers from the FS slrafegy in the following two ways: (1) it does not jiz the orientations of incoming tasks;(2) it scans on mesh planes adapfively. Experimental studies show that oar AS strategy oedperfornas the FS slmdegy in t e m s of external fmgmentaiion, completion la'nae, land processor uii/izaiion.

show abstract

HIERAS: A DHT‐Based Hierarchical P2P Routing Algorithm

Xu¹,

Hu²,

Bhuyan³

2005

View full text Add to dashboard Cite

Scalable SIMD-Efficient Graph Processing on GPUs

2015

View full text Add to dashboard Cite

EaseCAM: An Energy and Storage Efficient TCAM-Based Router Architecture for IP Lookup

Ravikumar

Mahapatra

Bhuyan

2005

IEEE Trans. Comput.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Laxmi N. Bhuyan

Compiling PCRE to FPGA for accelerating SNORT IDS

An Adaptive Submesh Allocation Strategy for Two-Dimensional Mesh Connected Systems

HIERAS: A DHT‐Based Hierarchical P2P Routing Algorithm

Scalable SIMD-Efficient Graph Processing on GPUs

EaseCAM: An Energy and Storage Efficient TCAM-Based Router Architecture for IP Lookup

Contact Info

Product

Resources

About