Graphics processing unit (GPU) based method for detecting message content of high-speed network

A technology of message content and detection method, which is applied in the field of network security, can solve problems such as affecting performance, large memory access overhead, and many occurrences, and achieve the effects of improving overall performance, improving matching speed, and high matching performance

Inactive Publication Date: 2011-05-18
NAT UNIV OF DEFENSE TECH
View PDF3 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] 1. The complexity of the DFA state table leads to many branches in the matching process, or multiple tables need to be searched during matching, and the memory access overhead during matching is high, which seriousl

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Graphics processing unit (GPU) based method for detecting message content of high-speed network
  • Graphics processing unit (GPU) based method for detecting message content of high-speed network
  • Graphics processing unit (GPU) based method for detecting message content of high-speed network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] figure 1 It is an overall flow chart of the present invention. The invention is divided into four steps: preprocessing pattern set and allocating buffer; loading message to GPU shared memory; designing and implementing regular expression matching engine based on GPU; pattern matching.

[0050] Fig. 2 is a flow chart of the fourth step of pattern matching in the present invention. After the CPU captures and preprocesses the packets from the NIC, it buffers the packets into the CPU packet buffer. The GPU control thread puts the CPU message buffer in the l A message is transmitted to the GPU message buffer, and the regular expression matching engine is started to check the message content. After the GPU matching is completed, the GPU control thread copies the matching result from the GPU global memory result buffer to the CPU memory result buffer. The GPU is used as a coprocessor of the CPU and is only responsible for packet matching.

[0051] image 3 It is the expan...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a graphics processing unit (GPU) based method for detecting the message content of a high-speed network to solve the technical problems of reducing the frequency of branch appearance during GPU matching, optimizing the memory access strategies and improving the performance of message content inspection. The technical scheme is as follows: the method comprises the following steps: firstly preprocessing a pattern set and allocating buffer zones, extending a state transfer table of a deterministic finite automaton (DFA) and allocating the buffer zones for the message and the matching result in a central processing unit (CPU) memory and a GPU global memory respectively; secondly loading the message to be matched to a shared memory by the GPU matching thread; and thirdly realizing a GPU-based regular expression matching engine through designing and controlling the regular expression matching engine to carry out pattern matching. By adopting the method, the parallelism of message buffer and message transmission can be improved, the regular expression matching speed is improved and the performances of message buffer and message content inspection are improved.

Description

technical field [0001] The invention relates to the field of network security, in particular to a deep message content detection method for a high-speed network. Background technique [0002] With the diversification of network services and applications, attack methods and intrusion methods emerge in an endless stream, and the network is facing increasingly serious security problems. The network security system implements security early warning and intrusion detection by capturing network traffic and in-depth inspection of message content. The detection of message content is usually to match the payload of the message with a predefined pattern, and pattern matching is the bottleneck of the performance of the entire security system. [0003] As network attacks become more and more complex, the pattern used for message content detection is also replaced by regular expressions with stronger expressive capabilities. The matching process of regular expressions in message...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/56H04L12/861
Inventor 苏金树赵国鸿王磊陈曙晖王勇军唐勇钟求喜张怡庞立会张博锋刘波
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap