Binary-tree-based high speed packet classification system on FPGA
作者: Jingjiao Li , Yong Chen , Cholman Ho , Zhenlin Lu , None
DOI: 10.1109/ICOIN.2013.6496433
关键词:
摘要: In the network intrusion detection system (NIDS), there is a limitation on speed of software-based packet classification because processor performance, serial program execution and so on. It has become great challenge to develop scalable solutions for next-generation that support higher throughput, larger rule sets more header fields. For low-cost high performance embedded networking applications, best solution could be doing by special designed hardware, which can effectively release burden CPU. order improve classification, exhibit good memory quick update, high-speed based FPGA proposed in this paper. Taking advantage parallel processing, pipeline hardware circuit, throughput been improved greatly; defining size tree nodes binary tree, usage efficient. The structure generated through pre-processing computer, does not influence searching FPGA. During division, division field dynamic selected according rules. experimental results show time 50000 rules shorter than 0.051s, average rule-header Snort IDS 10 Gbps.
sci-hub.se 参考文章(7)
Derek Pao, Yiu Keung Li, Peng Zhou, Efficient packet classification using TCAMs Computer Networks. ,vol. 50, pp. 3523- 3535 ,(2006) , 10.1016/J.COMNET.2006.01.009
Yaxuan Qi, Jeffrey Fong, Weirong Jiang, Bo Xu, Jun Li, Viktor Prasanna, Multi-dimensional packet classification on FPGA: 100 Gbps and beyond field-programmable technology. pp. 241- 248 ,(2010) , 10.1109/FPT.2010.5681492
A.G. Alagu Priya, Hyesook Lim, Hierarchical packet classification using a Bloom filter and rule-priority tries Computer Communications. ,vol. 33, pp. 1215- 1226 ,(2010) , 10.1016/J.COMCOM.2010.03.009
P. Gupta, N. McKeown, Classifying packets with hierarchical intelligent cuttings IEEE Micro. ,vol. 20, pp. 34- 41 ,(2000) , 10.1109/40.820051
Yuhua Chen, Oladapo Oguntoyinbo, Power efficient packet classification using cascaded bloom filter and off-the-shelf ternary CAM for WDM networks Computer Communications. ,vol. 32, pp. 349- 356 ,(2009) , 10.1016/J.COMCOM.2008.11.002
Oguzhan Erdem, Hoang Le, Viktor K. Prasanna, Clustered Hierarchical Search Structure for Large-Scale Packet Classification on FPGA field-programmable logic and applications. pp. 201- 206 ,(2011) , 10.1109/FPL.2011.44
Wang Yong-gang, Zhang Tao, Zheng Yu-feng, Yang Yang, Realization of FPGA-based packet classification in embedded system instrumentation and measurement technology conference. pp. 938- 942 ,(2009) , 10.1109/IMTC.2009.5168586