Determine point-to-point networking interactions using regular expressions
DOI:
https://doi.org/10.15276/opu.2.46.2015.21Keywords:
point-to-point networking interaction, regular expression, graphics processorAbstract
As Internet growth and becoming more popular, the number of concurrent data flows start to increasing, which makes sense in bandwidth requested. Providers and corporate customers need ability to identify point-to-point interactions. The best is to use special software and hardware implementations that distribute the load in the internals of the complex, using the principles and approaches, in particular, described in this paper. This paper represent the principles of building system, which searches for a regular expression match using computing on graphics adapter in server station. A significant computing power and capability to parallel execution on modern graphic processor allows inspection of large amounts of data through sets of rules. Using the specified characteristics can lead to increased computing power in 30…40 times compared to the same setups on the central processing unit. The potential increase in bandwidth capacity could be used in systems that provide packet analysis, firewalls and network anomaly detectors.
Keywords: point-to-point networking interaction, regular expression, graphics processor.
Downloads
References
Sommer, R. Enhancing byte-level network intrusion detection signatures with context / R. Sommer, V. Paxson // Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS’03), October 27–31, 2003, Washington, DC, USA. — New York: ACM Press, 2003. — PP. 262—271.
Roesch, M. Snort – Lightweight intrusion detection for networks / M. Roesch // Proceedings of the 13th USENIX Conference on System Administration (LISA’99), November 7–12, 1999, Seattle, WA, USA. — Berkeley, CA: USENIX Assoc., 1999. — PP. 229—238.
Paxson, V. Bro: a system for detecting network intruders in real-time / V. Paxson // Computer Networks. — 1999. — Vol. 31, Issues 23–24. — PP. 2435—2463.
Бойко, Ю.В. Методи покращення ефективності для систем високошвидкісної класифікації пакетів / Ю.В. Бойко, К.С. Дєєв // Вісн. ХНУ. Сер.: Математичне моделювання. Інформаційні технології. Автоматизовані системи управління. — 2014. — Вип. 25. — С. 5—12.
Gnort: High performance network intrusion detection using graphics processors / G. Vasiliadis, S. Antonatos, M. Polychronakis et al. // Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection (RAID’08), September 15–17, 2008, Cambridge, MA, USA. — Heidelberg: Springer-Verlag, 2008. — PP. 116—134.
Fast and memory-efficient regular expression matching for deep packet inspection / F. Yu, Z. Chen, Y. Diao et al. // Proceedings of the 2006 ACM/IEEE Symposium on Architecture for Networking and Communications Systems (ANCS 2006), December 3–5, 2006, San Jose, California, USA. — New York: ACM, 2006. — PP. 93—102.
NVIDIA CUDA Compute Unified Device Architecture Programming Guide, ver. 1.1 [Електронний ресурс] / NVIDIA. — 2007. — Режим доступу: http://sbel.wisc.edu/Courses/ME964/2008/Documents/Programming_Guide_1.1.pdf (Дата звернення: 03.03.2015).
Berry, G. From regular expressions to deterministic automata / G. Berry, R. Sethi // Theoretical Computer Science. — 1986. — Vol. 48. — PP. 117—126.
PCRE — Perl Compatible Regular Expressions [Електронний ресурс] / P. Hazel. — Режим доступу: http://www.pcre.org (Дата звернення: 03.03.2015).
OpenDPI [Електронний ресурс] / T. Bhatia. — 2012. — Режим доступу: https://github.com/thomasbhatia/OpenDPI (Дата звернення: 03.03.2015).
Clark, C.R. Efficient reconfigurable logic circuits for matching complex network intrusion detection patterns / C.R. Clark, D.E. Schimmel // Proceedings of 13th International Workshop on Field Programmable Logic and Applications (FPL 2003), September 1–3, 2003, Lisbon, Portugal. — Berlin; New York: Springer, 2003. — PP. 956—959.
