GPEP: Graphics Processing Enhanced Pattern-Matching for High-Performance Deep Packet Inspection

2011 ◽  
Author(s):  
Lucas John Vespa ◽  
Ning Weng
Keyword(s):  
Pattern Matching ◽  
High Performance ◽  
Deep Packet Inspection ◽  
Packet Inspection ◽  
Graphics Processing

scholarly journals A Hybrid CPU/GPU Pattern-Matching Algorithm for Deep Packet Inspection

PLoS ONE ◽  
2015 ◽  
Vol 10 (10) ◽  
pp. e0139301 ◽  
Author(s):  
Chun-Liang Lee ◽  
Yi-Shan Lin ◽  
Yaw-Chung Chen
Keyword(s):  
Pattern Matching ◽  
Deep Packet Inspection ◽  
Matching Algorithm ◽  
Pattern Matching Algorithm ◽  
Packet Inspection

scholarly journals An Efficient Security System for Mobile Data Monitoring

2018 ◽  
Vol 2018 ◽  
pp. 1-10 ◽  
Author(s):  
Likun Liu ◽  
Hongli Zhang ◽  
Xiangzhan Yu ◽  
Yi Xin ◽  
Muhammad Shafiq ◽  
...  
Keyword(s):  
High Performance ◽  
Rapid Development ◽  
Cyber Attacks ◽  
Security System ◽  
Deep Packet Inspection ◽  
Set Partition ◽  
Mobile Data ◽  
Tcp Protocol ◽  
Packet Inspection ◽  
Attack Intensity

During the last decade, rapid development of mobile devices and applications has produced a large number of mobile data which hide numerous cyber-attacks. To monitor the mobile data and detect the attacks, NIDS/NIPS plays important role for ISP and enterprise, but now it still faces two challenges, high performance for super large patterns and detection of the latest attacks. High performance is dominated by Deep Packet Inspection (DPI) mechanism, which is the core of security devices. A new TTL attack is just put forward to escape detecting, such that the adversary inserts packet with short TTL to escape from NIDS/NIPS. To address the above-mentioned problems, in this paper, we design a security system to handle the two aspects. For efficient DPI, a new two-step partition of pattern set is demonstrated and discussed, which includes first set-partition and second set-partition. For resisting TTL attacks, we set reasonable TTL threshold and patch TCP protocol stack to detect the attack. Compared with recent produced algorithm, our experiments show better performance and the throughput increased 27% when the number of patterns is 106. Moreover, the success rate of detection is 100%, and while attack intensity increased, the throughput decreased.

scholarly journals Performance Analysis of Machine Learning and Pattern Matching Techniques for Deep Packet Inspection in Firewalls

2021 ◽  
Author(s):  
J.V. BibalBenifa ◽  
Saravanan Krishnann ◽  
Hoang Long ◽  
Raghvendra Kumar ◽  
David Taniar
Keyword(s):  
Machine Learning ◽  
Pattern Matching ◽  
Hybrid Method ◽  
Naive Bayes ◽  
Denial Of Service ◽  
Naïve Bayes ◽  
Support Vector ◽  
The Internet ◽  
Deep Packet Inspection ◽  
Packet Inspection

Abstract Malware is essentially one of the major security issues that have the potential to break the computer operations instantly. Majority of the internet attacks are caused by malwares that are being distributed through HTTP over the Internet. A Firewall is essential to prevent such internet attacks for enhancing the security measures. The most efficient method to prevent Intrusion in the network is Deep Packet Inspection (DPI), which is presently implemented in advanced firewalls. This research work intends to detect and prevent the intrusion in the network using a hybrid method with DPI, Pattern Matching (PM), and Machine Learning (ML) techniques. In this present work, a hybrid method which involves the functionalities of both DPI and ML is used for classification and identification of attacks. Here, DPI is done by Boyer-Moore-Horspool (BMHP) pattern matching algorithm and ten ML algorithms such as Support Vector Machines (SVM), Linear-SVM (L-SVM), K-Nearest Neighbors (KNN), Multi-Layer Perceptron (MLP), Decision Tree (DT), Random Forest (RF), AdaBoost (Ada), Gaussian Naive Bayes (GaNB) and Bernouli Naive Bayes (BeNB) are employed for classification. Subsequently, the proposed work is evaluated in a sequential and parallel manner and it is customized for identifying the fuzzy, impersonation and Denial of Service (DoS)-based attacks. The proposed system is analyzed in different dimensions such as performance of ML methods and role of DPI in attack identification including the pattern matching efficiency. From the investigation, it is identified that BMHP algorithm has the least time and memory consumed values about 0.0028 sec and 125.4 Mib respectively. Similarly, SVM has the accuracy of 99.91% with the least time and memory consumed values about 18.185 sec and 303.5 MiB respectively.

Sign in / Sign up

Export Citation Format

Share Document