This project introduces first hardware-based attestation approach with provable security properties, and argue for its importance as a component in a new comparison operations. Among hardware approaches, memory-based architecture has attracted a lot of attention because of its easy re-configurability and scalability. In order to accommodate the increasing number of attack patterns and meet the throughput requirement of networks, a successful network intrusion detection system must have a memory-efficient pattern-matching algorithm and hardware design is discussed. In this paper, we propose a memory-efficient pattern-matching algorithm which can significantly reduce the memory requirement. For Snort rule sets, the new algorithm achieves 21% of memory reduction compared with the traditional Aho–Corasick algorithm. In addition, we can gain 24% of memory reduction by integrating our approach to the bit-split algorithm which is the state-of-the-art memory-based approach. Proposed algorithm is conceptually simple and easy to implement. The method readily generalizes to higher-dimensional pattern matching problems.
Indian Member 40.00
Others Member 3.00