Ваш браузер устарел.

Для того, чтобы использовать все возможности сайта, загрузите и установите один из этих браузеров.

скрыть

Article

  • Title

    Determine point-to-point networking interactions using regular expressions

  • Authors

    Deev Konstantin S.
    Boyko Yuriy V.

  • Subject

    COMPUTER AND INFORMATION NETWORKS AND SYSTEMS. MANUFACTURING AUTOMATION

  • Year 2015
    Issue 2(46)
    UDC 004.77:519.2
    DOI 10.15276/opu.2.46.2015.21
    Pages 119-123
  • Abstract

    As Internet growth and becoming more popular, the number of concurrent data flows start to increasing, which makes sense in bandwidth requested. Providers and corporate customers need ability to identify point-to-point interactions. The best is to use special software and hardware implementations that distribute the load in the internals of the complex, using the principles and approaches, in particular, described in this paper. This paper represent the principles of building system, which searches for a regular expression match using computing on graphics adapter in server station. A significant computing power and capability to parallel execution on modern graphic processor allows inspection of large amounts of data through sets of rules. Using the specified characteristics can lead to increased computing power in 30…40 times compared to the same setups on the central processing unit. The potential increase in bandwidth capacity could be used in systems that provide packet analysis, firewalls and network anomaly detectors.
    Keywords: point-to-point networking interaction, regular expression, graphics processor.

  • Keywords point-to-point networking interaction, regular expression, graphics processor
  • Viewed: 1292 Dowloaded: 5
  • Download Article
  • References

    Література
    1.    Sommer, R. Enhancing byte-level network intrusion detection signatures with context / R. Sommer, V. Paxson // Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS’03), October 27–31, 2003, Washington, DC, USA. — New York: ACM Press, 2003. — PP. 262—271.
    2.    Roesch, M. Snort – Lightweight intrusion detection for networks / M. Roesch // Proceedings of the 13th USENIX Conference on System Administration (LISA’99), November 7–12, 1999, Seattle, WA, USA. — Berkeley, CA: USENIX Assoc., 1999. — PP. 229—238.
    3.    Paxson, V. Bro: a system for detecting network intruders in real-time / V. Paxson // Computer Networks. — 1999. — Vol. 31, Issues 23–24. — PP. 2435—2463.
    4.    Бойко, Ю.В. Методи покращення ефективності для систем високошвидкісної класифікації пакетів / Ю.В. Бойко, К.С. Дєєв // Вісн. ХНУ. Сер.: Математичне моделювання. Інформаційні технології. Автоматизовані системи управління. — 2014. — Вип. 25. — С. 5—12.
    5.    Gnort: High performance network intrusion detection using graphics processors / G. Vasiliadis, S. Antonatos, M. Polychronakis et al. // Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection (RAID’08), September 15–17, 2008, Cambridge, MA, USA. — Heidelberg: Springer-Verlag, 2008. — PP. 116—134.
    6.    Fast and memory-efficient regular expression matching for deep packet inspection / F. Yu, Z. Chen, Y. Diao et al. // Proceedings of the 2006 ACM/IEEE Symposium on Architecture for Networking and Communications Systems (ANCS 2006), December 3–5, 2006, San Jose, California, USA. — New York: ACM, 2006. — PP. 93—102.
    7.    NVIDIA CUDA Compute Unified Device Architecture Programming Guide, ver. 1.1 [Електронний ресурс] / NVIDIA. — 2007. — Режим доступу: http://sbel.wisc.edu/Courses/ME964/2008/Documents/Programming_Guide_1.1.pdf (Дата звернення: 03.03.2015).
    8.    Berry, G. From regular expressions to deterministic automata / G. Berry, R. Sethi // Theoretical Computer Science. — 1986. — Vol. 48. — PP. 117—126.
    9.    PCRE — Perl Compatible Regular Expressions [Електронний ресурс] / P. Hazel. — Режим доступу: http://www.pcre.org (Дата звернення: 03.03.2015).
    10.    OpenDPI [Електронний ресурс] / T. Bhatia. — 2012. — Режим доступу: https://github.com/thomasbhatia/OpenDPI (Дата звернення: 03.03.2015).
    11.    Clark, C.R. Efficient reconfigurable logic circuits for matching complex network intrusion detection patterns / C.R. Clark, D.E. Schimmel // Proceedings of 13th International Workshop on Field Programmable Logic and Applications (FPL 2003), September 1–3, 2003, Lisbon, Portugal. — Berlin; New York: Springer, 2003. — PP. 956—959.

    References

    1.    Sommer, R. and Paxson, V. (2003). Enhancing byte-level network intrusion detection signatures with context. In V. Atluri, P. Liu (Eds.), Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS’03) (pp. 262—271). New York: ACM Press.
    2.    Roesch, M. (1999). Snort – Lightweight intrusion detection for networks. In Proceedings of the 13th USENIX Conference on System Administration (LISA’99) (pp. 229—238). Berkeley, CA: USENIX Assoc.
    3.    Paxson, V. (1999). Bro: a system for detecting network intruders in real-time. Computer Networks, 31(23–24), 2435—2463.
    4.    Boyko, Yu.V. and Deev, K.S. (2014). Methods of improvement effectiveness for high-speed packet classifying. Bulletin of V. Karazin Kharkiv National University: Mathematical modeling. Information technology. Automated control systems, 25, 5—12
    5.    Vasiliadis, G., Antonatos, S., Polychronakis, M., Markatos, E.P. and Ioannidis, S. (2008). Gnort: High performance network intrusion detection using graphics processors. In R. Lippmann, E. Kirda, A. Trachtenberg (Eds.), Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection (RAID’08) (pp. 116—134). Heidelberg: Springer-Verlag.
    6.    Yu, F., Chen, Z., Diao, Y., Lakshman, T.V. and Katz, R.H. (2006). Fast and memory-efficient regular expression matching for deep packet inspection. In Proceedings of the 2006 ACM/IEEE Symposium on Architecture for Networking and Communications Systems (ANCS 2006) (pp. 93—102). New York: ACM.
    7.    NVIDIA. (2007). NVIDIA CUDA Compute Unified Device Architecture Programming Guide, ver. 1.1. Retrieved from http://sbel.wisc.edu/Courses/ME964/2008/Documents/Programming_Guide_1.1.pdf
    8.    Berry, G. and Sethi, R. (1986). From regular expressions to deterministic automata. Theoretical Computer Science, 48, 117—126.
    9.    PCRE — Perl Compatible Regular Expressions. Retrieved from http://www.pcre.org
    10.    OpenDPI. Retrieved from https://github.com/thomasbhatia/OpenDPI
    11.    Clark, C.R. and Schimmel, D.E. (2003). Efficient reconfigurable logic circuits for matching complex network intrusion detection patterns. In P.Y.K. Cheung, G.A. Constantinides, J.T. de Sousa (Eds.), Proceedings of 13th International Workshop on Field Programmable Logic and Applications (FPL 2003) (pp. 956—959). Berlin; New York: Springer.

  • Creative Commons License by Author(s)