Workshop V:
High-Speed Regular Expression Matching using Small TCAMs
 |
Speaker: Alex X. Liu Abstract: Deep packet inspection is a key part of many networking devices on the Internet such as Network Intrusion Detection (or Prevention) Systems (NIDS/NIPS), firewalls, and layer 7 switches. In the past, deep packet inspection typically used string matching as a core operator, namely examining whether a packet's payload matches any of a set of predefined strings. Today, deep packet inspection typically uses regular expression matching as a core operator, namely examining whether a packet's payload matches any of a set of predefined regular expressions, because regular expressions are fundamentally more expressive, efficient, and flexible in specifying attack signatures. In this talk, we discuss hardware-based regular expression matching approaches that uses Ternary Content Addressable Memory (TCAM), which is available as off-the-shelf chips and has been widely deployed in modern networking devices for tasks such as packet classification. About the speaker: Alex X. Liu received his Ph.D. degree in Computer Science from The University of Texas at Austin in 2006. He received the IEEE & IFIP William C. Carter Award in 2004, the National Science Foundation CAREER Award in 2009, and the Michigan State University Withrow Distinguished Scholar Award in 2011. His special research interests are in networking, security, and privacy. His general research interests include computer systems, distributed computing, and dependable systems. He has written two books that is Firewall Design and Analysis and Hardware Based Packet Classification for High Speed Internet Routers. |
