Boundary hash for memory-efficient deep packet inspection

N. Sertac Artan, Masanori Bando, H. Jonathan Chao

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Network Intrusion Detection and Prevention Systems (NIDPSs) are critical for network security. The Deep Packet Inspection (DPI) operation consumes a significant amount of resources in NIDPS. This is because to detect malicious activity DPI searches a database of signatures for each byte of every packet. In this paper, we develop a highly space-efficient data structure for hardware realization of Minimal Perfect Hash Functions (MPHFs). This data structure is simple to construct, requires 7n bits to represent the MPHF for a set of n keys and allows high-speed DPI.

Original languageEnglish (US)
Title of host publicationICC 2008 - IEEE International Conference on Communications, Proceedings
Pages1732-1737
Number of pages6
DOIs
StatePublished - Sep 12 2008
EventIEEE International Conference on Communications, ICC 2008 - Beijing, China
Duration: May 19 2008May 23 2008

Publication series

NameIEEE International Conference on Communications
ISSN (Print)0536-1486

Other

OtherIEEE International Conference on Communications, ICC 2008
CountryChina
CityBeijing
Period5/19/085/23/08

Keywords

  • Boundary hash
  • DPI
  • Deep packet inspection
  • Minimal perfect hash functions
  • NIDPS
  • Network intrusion detection and prevention system
  • Network security
  • Snort
  • TriBiCa
  • Trie bitmap content analyzer

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'Boundary hash for memory-efficient deep packet inspection'. Together they form a unique fingerprint.

  • Cite this

    Artan, N. S., Bando, M., & Chao, H. J. (2008). Boundary hash for memory-efficient deep packet inspection. In ICC 2008 - IEEE International Conference on Communications, Proceedings (pp. 1732-1737). [4533369] (IEEE International Conference on Communications). https://doi.org/10.1109/ICC.2008.333