short-paper

Free access

A 60Gbps DPI Prototype based on Memory-Centric FPGA

Authors:

Xin WangAuthors Info & Claims

SIGCOMM '16: Proceedings of the 2016 ACM SIGCOMM Conference

Pages 627 - 628

https://doi.org/10.1145/2934872.2959079

Published: 22 August 2016 Publication History

PDF eReader

Abstract

Deep packet inspection (DPI) is widely used in content-aware network applications to detect string features. It is of vital importance to improve the DPI performance due to the ever-increasing link speed. In this demo, we propose a novel DPI architecture with a hierarchy memory structure and parallel matching engines based on memory-centric FPGA. The implemented DPI prototype is able to provide up to 60Gbps full-text string matching throughput and fast rules update speed.

References

[1]

Emerging threats: Open source signatures. https://rules.emergingthreats.net/open/snort-2.9.0/.

Google Scholar

[2]

Portable ipro. http://www.exfo.com.

Google Scholar

[3]

Rfc 2544. http://www.ietf.org/rfc/rfc2544.txt.

Google Scholar

[4]

Snort v2.9. 2014. http://www.snort.org/.

Google Scholar

[5]

A. V. Aho and M. J. Corasick. Efficient string matching: an aid to bibliographic search. Communications of the ACM, 18(6):333–340, 1975.

Digital Library

Google Scholar

[6]

Y.-H. E. Yang and V. K. Prasanna. Robust and scalable string pattern matching for deep packet inspection on multicore processors. Parallel and Distributed Systems, IEEE Transactions on, 24(11):2283–2292, 2013.

Digital Library

Google Scholar

Cited By

View all

Han XXu GZhang MYang ZYu ZHuang WMeng C(2024)DE-GNNComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2024.110372245:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.comnet.2024.110372
Satoh AFukuda YKitagata GNakamura Y(2021)A Word-Level Analytical Approach for Identifying Malicious Domain Names Caused by Dictionary-Based DGA MalwareElectronics10.3390/electronics1009103910:9(1039)Online publication date: 28-Apr-2021
https://doi.org/10.3390/electronics10091039
Satoh AFukuda YHayashi TKitagata G(2020)A Superficial Analysis Approach for Identifying Malicious Domain Names Generated by DGA MalwareIEEE Open Journal of the Communications Society10.1109/OJCOMS.2020.30387041(1837-1849)Online publication date: 2020
https://doi.org/10.1109/OJCOMS.2020.3038704
Show More Cited By

Index Terms

A 60Gbps DPI Prototype based on Memory-Centric FPGA
1. Networks
  1. Network algorithms
    1. Data path algorithms
      1. Deep packet inspection
2. Theory of computation
  1. Design and analysis of algorithms
    1. Data structures design and analysis
      1. Pattern matching

Recommendations

Improving matching performance of DPI traffic classifier
SAC '11: Proceedings of the 2011 ACM Symposium on Applied Computing

Traffic classification through DPI technology is considered spending most CPU time in pattern matching, leading to the conclusion that it is not suitable for classifying traffic online on high speed networks. In this paper we focus on how to improve ...
Efficient memory management of a hierarchical and a hybrid main memory for MN-MATE platform
PMAM '12: Proceedings of the 2012 International Workshop on Programming Models and Applications for Multicores and Manycores

The advent of manycore in computing architecture causes severe energy consumption and memory wall problem. Thus, emerging technologies such as on-chip memory and nonvolatile memory (NVRAM) have led to a paradigm shift in computing architecture era. For ...
Prototype and evaluation of the CoRAM memory architecture for FPGA-based computing
FPGA '12: Proceedings of the ACM/SIGDA international symposium on Field Programmable Gate Arrays

The CoRAM memory architecture for FPGA-based computing augments traditional reconfigurable fabric with a natural and effective way for applications to interact with off-chip memory and I/O. The two central tenets of the CoRAM memory architecture are (1) ...

Comments

Information & Contributors

Information

Published In

SIGCOMM '16: Proceedings of the 2016 ACM SIGCOMM Conference

August 2016

645 pages

ISBN:9781450341936

DOI:10.1145/2934872

General Chairs:
Marinho Barcellos
UFRGS
,
Jon Crowcroft
University of Cambridge
,
Program Chairs:
Amin Vahdat
Google
,
Sachin Katti
Stanford University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 August 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

SIGCOMM '16

Sponsor:

SIGCOMM

SIGCOMM '16: ACM SIGCOMM 2016 Conference

August 22 - 26, 2016

Florianopolis, Brazil

Acceptance Rates

SIGCOMM '16 Paper Acceptance Rate 39 of 231 submissions, 17%;

Overall Acceptance Rate 462 of 3,389 submissions, 14%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
610
Total Downloads

Downloads (Last 12 months)137
Downloads (Last 6 weeks)18

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Han XXu GZhang MYang ZYu ZHuang WMeng C(2024)DE-GNNComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2024.110372245:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.comnet.2024.110372
Satoh AFukuda YKitagata GNakamura Y(2021)A Word-Level Analytical Approach for Identifying Malicious Domain Names Caused by Dictionary-Based DGA MalwareElectronics10.3390/electronics1009103910:9(1039)Online publication date: 28-Apr-2021
https://doi.org/10.3390/electronics10091039
Satoh AFukuda YHayashi TKitagata G(2020)A Superficial Analysis Approach for Identifying Malicious Domain Names Generated by DGA MalwareIEEE Open Journal of the Communications Society10.1109/OJCOMS.2020.30387041(1837-1849)Online publication date: 2020
https://doi.org/10.1109/OJCOMS.2020.3038704
Xing JWu C(2020)Detecting Anomalies in Encrypted Traffic via Deep Dictionary LearningIEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)10.1109/INFOCOMWKSHPS50562.2020.9162940(734-739)Online publication date: Jul-2020
https://doi.org/10.1109/INFOCOMWKSHPS50562.2020.9162940
Yan HLi HXiao MDai RZheng XZhao XLi F(2020)PGSM-DPI: Precisely Guided Signature Matching of Deep Packet Inspection for Traffic Analysis2019 IEEE Global Communications Conference (GLOBECOM)10.1109/GLOBECOM38437.2019.9013941(1-6)Online publication date: 17-Jun-2020
https://dl.acm.org/doi/10.1109/GLOBECOM38437.2019.9013941
Su JHan BLv GLi TSun Z(2019)A Heterogeneous Parallel Packet Processing Architecture for NFV Acceleration2019 IEEE 27th International Conference on Network Protocols (ICNP)10.1109/ICNP.2019.8888106(1-2)Online publication date: Oct-2019
https://doi.org/10.1109/ICNP.2019.8888106
Yan ZLv SZhang YZhu HSun L(2019)Remote Fingerprinting on Internet-Wide Printers Based on Neural Network2019 IEEE Global Communications Conference (GLOBECOM)10.1109/GLOBECOM38437.2019.9014144(1-6)Online publication date: Dec-2019
https://doi.org/10.1109/GLOBECOM38437.2019.9014144
Pimenta Rodrigues GDe Oliveira Albuquerque RGomes de Deus FDe Sousa Jr. RDe Oliveira Júnior GGarcía Villalba LKim T(2017)Cybersecurity and Network Forensics: Analysis of Malicious Traffic towards a Honeynet with Deep Packet InspectionApplied Sciences10.3390/app71010827:10(1082)Online publication date: 18-Oct-2017
https://doi.org/10.3390/app7101082
Yang JJiang LBai XDai QSu MBhuiyan M(2017)An FPGA-Based Algorithm to Accelerate Regular Expression MatchingSecurity, Privacy, and Anonymity in Computation, Communication, and Storage10.1007/978-3-319-72395-2_39(424-434)Online publication date: 9-Dec-2017
https://doi.org/10.1007/978-3-319-72395-2_39

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Improving matching performance of DPI traffic classifier

Efficient memory management of a hierarchical and a hybrid main memory for MN-MATE platform

Prototype and evaluation of the CoRAM memory architecture for FPGA-based computing