A Multi-gigabit Rate Deep Packet Inspection Algorithm using TCAM

Slides:

Advertisements

Similar presentations

Stable Load Control with Load Prediction in Multipath Packet Forwarding IlKyu Park, Youngseok Lee, and Yanghee Choi Proc. 15 th IEEE Int l conf. on Information.

Advertisements

Reviewer: Jing Lu Gigabit Rate Packet Pattern- Matching Using TCAM Fang Yu, Randy H. Katz T. V. Lakshman UC Berkeley Bell Labs, Lucent ICNP’2004.

IP Address Lookup for Internet Routers Using Balanced Binary Search with Prefix Vector Author: Hyesook Lim, Hyeong-gee Kim, Changhoon Publisher: IEEE TRANSACTIONS.

Fast Filter Updates for Packet Classification using TCAM Authors: Haoyu Song, Jonathan Turner. Publisher: GLOBECOM 2006, IEEE Present: Chen-Yu Lin Date:

Efficient IP-Address Lookup with a Shared Forwarding Table for Multiple Virtual Routers Author: Jing Fu, Jennifer Rexford Publisher: ACM CoNEXT 2008 Presenter:

1 Energy Efficient Multi-match Packet Classification with TCAM Fang Yu

Improved TCAM-based Pre-Filtering for Network Intrusion Detection Systems Department of Computer Science and Information Engineering National Cheng Kung.

A Multipattern Matching Algorithm Using Sampling and Bit Index Author: Jinhui Chen, Zhongfu Ye, Min Tang Publisher: Computer Systems and Applications,

Parallel IP Lookup using Multiple SRAM-based Pipelines Authors: Weirong Jiang and Viktor K. Prasanna Presenter: Yi-Sheng, Lin ( 林意勝 ) Date:

PC-DUOS: Fast TCAM Lookup and Update for Packet Classifiers Author: Tania Banerjee-Mishra, Sartaj Sahni,Gunasekaran Seetharaman Publisher: IEEE Symposium.

An Efficient and Scalable Pattern Matching Scheme for Network Security Applications Department of Computer Science and Information Engineering National.

1 Gigabit Rate Multiple- Pattern Matching with TCAM Fang Yu Randy H. Katz T. V. Lakshman

1 A Fast IP Lookup Scheme for Longest-Matching Prefix Authors: Lih-Chyau Wuu, Shou-Yu Pin Reporter: Chen-Nien Tsai.

An Efficient IP Lookup Architecture with Fast Update Using Single-Match TCAMs Author: Jinsoo Kim, Junghwan Kim Publisher: WWIC 2008 Presenter: Chen-Yu.

1 Performing packet content inspection by longest prefix matching technology Authors: Nen-Fu Huang, Yen-Ming Chu, Yen-Min Wu and Chia- Wen Ho Publisher:

Deep Packet Inspection with Regular Expression Matching Min Chen, Danny Guo {michen, CSE Dept, UC Riverside 03/14/2007.

Fast vector quantization image coding by mean value predictive algorithm Authors: Yung-Gi Wu, Kuo-Lun Fan Source: Journal of Electronic Imaging 13(2),

SHOCK: A Worst-Case Ensured Sub-linear Time Pattern Matching Algorithm for Inline Anti-Virus Scanning Author: Nen-Fu Huang, Wen-Yen Tsai Publisher: IEEE.

Sarang Dharmapurikar With contributions from : Praveen Krishnamurthy,

A Virtual Collision Mechanism for IEEE DCF

Tuning the Carrier Sensing Range of IEEE MAC Jing Deng,Ben Liang and Pramod K. Varshney Univ. of New Orleans Globecom 2004.

PARALLEL TABLE LOOKUP FOR NEXT GENERATION INTERNET

Sampling Techniques to Accelerate Pattern Matching in Network Intrusion Detection Systems Author: Domenico Ficara, Gianni Antichi, Andrea Di Pietro, Stefano.

An Improved Algorithm to Accelerate Regular Expression Evaluation Author: Michela Becchi, Patrick Crowley Publisher: 3rd ACM/IEEE Symposium on Architecture.

Overview BT’s contribution to WISDOM in 2 nd semester Dr Carla Di Cairano-Gilfedder BT GCTO Office, Research Department 4 th June 2006, Crete.

Leveraging Traffic Repetitions for High- Speed Deep Packet Inspection Author: Anat Bremler-Barr, Shimrit Tzur David, Yotam Harchol, David Hay Publisher:

ACN: RED paper1 Random Early Detection Gateways for Congestion Avoidance Sally Floyd and Van Jacobson, IEEE Transactions on Networking, Vol.1, No. 4, (Aug.

A Hybrid IP Lookup Architecture with Fast Updates Author : Layong Luo, Gaogang Xie, Yingke Xie, Laurent Mathy, Kavé Salamatian Conference: IEEE INFOCOM,

Multi-Field Range Encoding for Packet Classification in TCAM Author: Yeim-Kuan Chang, Chun-I Lee and Cheng-Chien Su Publisher: INFOCOM 2011 Presenter:

IEEE Communications Surveys & Tutorials 1st Quarter 2008.

27th, Nov 2001 GLOBECOM /16 Analysis of Dynamic Behaviors of Many TCP Connections Sharing Tail-Drop / RED Routers Go Hasegawa Osaka University, Japan.

GPEP : Graphics Processing Enhanced Pattern- Matching for High-Performance Deep Packet Inspection Author: Lucas John Vespa, Ning Weng Publisher: 2011 IEEE.

1. Outline Introduction Related work on packet classification Grouper Performance Analysis Empirical Evaluation Conclusions 2/42.

TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES Lesson №18 Telecommunication software design for analyzing and control packets on the networks by using.

Routers. These high-end, carrier-grade 7600 models process up to 30 million packets per second (pps).

Packet Forwarding. A router has several input/output lines. From an input line, it receives a packet. It will check the header of the packet to determine.

1 Dynamic Pipelining: Making IP- Lookup Truly Scalable Jahangir Hasan T. N. Vijaykumar School of Electrical and Computer Engineering, Purdue University.

Compact Trie Forest: Scalable architecture for IP Lookup on FPGAs Author: O˘guzhan Erdem, Aydin Carus and Hoang Le Publisher: ReConFig 2012 Presenter:

StriD 2 FA: Scalable Regular Expression Matching for Deep Packet Inspection Author: Xiaofei Wang, Junchen Jiang, Yi Tang, Bin Liu, and Xiaojun Wang Publisher:

IP Address Lookup Masoud Sabaei Assistant professor

IP Routing Processing with Graphic Processors Author: Shuai Mu, Xinya Zhang, Nairen Zhang, Jiaxin Lu, Yangdong Steve Deng, Shu Zhang Publisher: IEEE Conference.

1 Power-Efficient TCAM Partitioning for IP Lookups with Incremental Updates Author: Yeim-Kuan Chang Publisher: ICOIN 2005 Presenter: Po Ting Huang Date:

A Pattern-Matching Scheme With High Throughput Performance and Low Memory Requirement Author: Tsern-Huei Lee, Nai-Lun Huang Publisher: TRANSACTIONS ON.

TCAM –BASED REGULAR EXPRESSION MATCHING SOLUTION IN NETWORK Phase-I Review Supervised By, Presented By, MRS. SHARMILA,M.E., M.ARULMOZHI, AP/CSE.

An Automated Signature-Based Approach against Polymorphic Internet Worms Yong Tang; Shigang Chen; IEEE Transactions on Parallel and Distributed Systems,

Authors: Danhua Guo 、 Guangdeng Liao 、 Laxmi N. Bhuyan 、 Bin Liu 、 Jianxun Jason Ding Conf. : The 4th ACM/IEEE Symposium on Architectures for Networking.

Seungnam Yang, Kyungsoo Lee, Hyundoc Seo and Hyogon Kim Korea University VTC Spring 2008 SPLASH: a Simple Multi-Channel Migration Scheme for IEEE

A Fast Regular Expression Matching Engine for NIDS Applying Prediction Scheme Author: Lei Jiang, Qiong Dai, Qiu Tang, Jianlong Tan and Binxing Fang Publisher:

Lightweight Traffic-Aware Packet Classification for Continuous Operation Author: Shariful Hasan Shaikot, Min Sik Kim Presenter: Yen-Chun Tseng Date: 2014/11/26.

An Improved Multi-Pattern Matching Algorithm for Large-Scale Pattern Sets Author : Zhan Peng, Yu-Ping Wang and Jin-Feng Xue Conference: IEEE 10th International.

SWM: Simplified Wu-Manber for GPU- based Deep Packet Inspection Author: Lucas Vespa, Ning Weng Publisher: The 2012 International Conference on Security.

1 IP Routing table compaction and sampling schemes to enhance TCAM cache performance Author: Ruirui Guo, Jose G. Delgado-Frias Publisher: Journal of Systems.

Author ： Tzu-Fang Sheu,Nen-Fu Huang and Hsiao-Ping Lee Publisher ： IEEE Globecom, 2006 Presenter ： Tsung-Lin Hsieh Date ： 2012/05/16 1.

Counting bloom filters for pattern matching and anti-evasion at the wire speed Author: Gianni Antichi, Domenico Ficara, Stefano Giordano, Gregorio Procissi,

Space and Speed Tradeoffs in TCAM Hierarchical Packet Classification

2018/6/26 An Energy-efficient TCAM-based Packet Classification with Decision-tree Mapping Author: Zhao Ruan, Xianfeng Li , Wenjun Li Publisher: 2013.

Packet Forwarding.

2003/04/291 Hiding data in images by optimal moderately- significant-bit replacement Wang, Ran-Zan, Lin, Chi-Fang, and Lin, Ja-Chen, IEE Electronics Letters,

NETWORK SECURITY LAB Lab 9. IDS and IPS.

Advanced Algorithms for Fast and Scalable Deep Packet Inspection

Artificial Immune System against Viral Attack

Speculative Parallel Pattern Matching

Scalable Memory-Less Architecture for String Matching With FPGAs

Author： Domenico Ficara ,Gianni Antichi ,Nicola Bonelli ,

Youngki Kim Mobile R&D Laboratory KT, Korea

Byung-Joon Lee and Youngseok Lee

Renal bumpy contour in an adult

Author： Yaron Weinsberg ,Shimrit Tzur-David ,Danny Dolev and Tal Anker

Design principles for packet parsers

A Hybrid IP Lookup Architecture with Fast Updates

Presentation transcript:

A Multi-gigabit Rate Deep Packet Inspection Algorithm using TCAM Author：Jung-Sik Sung, Seok-Min Kang, Youngseok Lee, Taeck-Geun Kwon, and Bong-Tae Kim Publisher：IEEE GLOBECOM 2005 Presenter：Wen-Tse Liang Date：2011/09/14

Outline INTRODUCTION THE PROPOSED ALGORITHM The Preprocessing Stage The Scanning Stage PERFORMACE ANALYSIS AND SIMULATION

Introduction We suppose a TCAM-based pattern- matching algorithm which decreases the number of TCAM lookups per packet by means of performing a TCAM lookup operation per multi-bytes in a packet payload. The secure router usually supports multi-gigabit rate such as 10 Gbps Ethernet and OC-192. Therefore, multi-gigabit rate secure routers need 10Gbps scan rate for detecting malicious signatures from the packets.

Introduction We call this algorithm as the jumping window pattern-matching scheme. By reducing the number of TCAM lookups with the proposed jumping window scheme, multi-gigabit rate can be supported for secure routers.

THE PROPOSED ALGORITHM Algorithm

THE PROPOSED ALGORITHM The Preprocessing Stage

THE PROPOSED ALGORITHM The Scanning Stage

PERFORMACE ANALYSIS AND SIMULATION Assuming the length of packet is 1518 bytes 0.81 million packets per second (Mpps) throughput is required to support 10Gbps.

PERFORMACE ANALYSIS AND SIMULATION