The objective of this research is to design and develop a fast string matcher using content-addressable memory (CAM) technology. It is suited to applications that require a variable-width, dynamic string matcher, where the content of the matching module has to change within a certain time period. Such changes include adding, removing or modifying content without changing the module itself. The matcher is capable of matching thousands of complex patterns at gigabit network rates for network intrusion detection systems (NIDS). The content of the string matcher is padded with don't-cares to solve the problem of length differences between words. The products of this work include a software program that translates and compresses standard intrusion detection patterns into binary strings to be stored in the matcher CAM. A characteristic feature of this matcher is that the length of each word is independent of the others. Changing the contents of the string matcher is a simple memory rewrite task, with no need to reconfigure the FPGA circuits. The module can be used in applications that require packet-level, firewall-based security systems. Moreover, we present a detailed comparison with different hardware-implemented NIDS algorithms.
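
The don't-care padding and the rewrite-only update described above can be modelled in software. The following is an added example, not code from the paper: the 8-byte word width, the class and function names, and the sample patterns and payload are all assumptions, and the paper's pattern compression step is not modelled.

```python
# Added example: software model of a ternary CAM string matcher.
WIDTH = 8  # CAM word width in bytes (assumed; the abstract gives no width)

def encode(pattern: bytes, width: int = WIDTH):
    """Translate a pattern into a (value, mask, length) CAM word.
    Mask bits are 1 where the CAM compares, 0 for don't-care padding."""
    if not 0 < len(pattern) <= width:
        raise ValueError("pattern must be 1..width bytes long")
    pad = width - len(pattern)
    value = int.from_bytes(pattern + b"\x00" * pad, "big")
    mask = int.from_bytes(b"\xff" * len(pattern) + b"\x00" * pad, "big")
    return value, mask, len(pattern)

class TernaryCAM:
    def __init__(self, width: int = WIDTH):
        self.width = width
        self.words = {}  # slot -> (value, mask, length, label)

    def write(self, slot: int, pattern: bytes, label: str):
        """Add or modify an entry: a plain memory write."""
        self.words[slot] = encode(pattern, self.width) + (label,)

    def erase(self, slot: int):
        self.words.pop(slot, None)

    def lookup(self, window: bytes):
        """Compare one window against every word (parallel in hardware)."""
        key = int.from_bytes(window.ljust(self.width, b"\x00"), "big")
        return [label for value, mask, length, label in self.words.values()
                # a short tail window must not match through its zero fill
                if length <= len(window) and (key ^ value) & mask == 0]

    def scan(self, payload: bytes):
        """Slide the window one byte at a time; return (offset, label) hits."""
        return [(off, label) for off in range(len(payload))
                for label in self.lookup(payload[off:off + self.width])]

def demo():
    cam = TernaryCAM()
    cam.write(0, b"GET", "http-get")            # constructed sample patterns
    cam.write(1, b"cmd.exe", "cmd-exe")
    payload = b"GET /scripts/cmd.exe HTTP/1.0"  # constructed sample payload
    before = cam.scan(payload)
    cam.write(1, b"/bin/sh", "bin-sh")          # modify slot 1 in place
    return before, cam.scan(payload)

if __name__ == "__main__":
    print(demo())
```

The loop in `lookup` stands in for the comparison a CAM performs on all words at once; only the mask logic and the slot rewrite correspond to what the abstract describes.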