Abstract
Many computer network provide limited security through simple firewall feature in router and switch. Some networks that require higher security use deep packet filter to capture packets that can not be detected by simple firewall. Deep packet filters use list of rules for determining safety of packets. There is a high degree of parallelism in processing these rules because each rule represent independent pattern matching process. We find that the underlying architecture for existing software and hardware firewalls do not fully take advantage of this parallelism. Thus, we design a deep packet filtering firewall on a field programmable gate array (FPGA) to take advantage of the parallelism while retaining its programmability. Our implementation is capable of processing over 2.88 gigabits per second of network stream on an Altera EP20K series FPGA without manual optimization. © Springer-Verlag Berlin Heidelberg 2002.
Cite
CITATION STYLE
Cho, Y. H., Navab, S., & Mangione-Smith, W. H. (2002). Specialized hardware for deep network packet filtering. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2438 LNCS, pp. 452–461). Springer Verlag. https://doi.org/10.1007/3-540-46117-5_48
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
