
Accelerating Network Firewalls

Milanian, Zhaleh | 2013

Type of Document: M.Sc. Thesis
Language: English
Document No: 44378 (52)
University: Sharif University of Technology, International Campus, Kish Island
Department: Science and Engineering
Advisor(s): Goudarzi, Maziar

Abstract:
With the proliferation of Internet-based applications and malicious attacks, security has become one of the most influential aspects of a network, and it should be considered from the earliest steps of designing the network infrastructure. Since pattern matching is one of the most important functions of security devices and applications, it is a key procedure in firewalls, which are classified as security equipment that applies a security mechanism to restrict the traffic exchanged between networks and particular users or applications. While the use of compressed traffic is increasing drastically, most current security tools do not handle this type of traffic. Therefore, this work focuses on compressed HTTP traffic.

Concentrating on pattern matching over compressed HTTP traffic and on accelerating this process, we propose the Pattern Matching Engine (PME), which can be implemented as an independent component that handles payload checking. This engine can be integrated with other components that perform header checking to provide Deep Packet Inspection (DPI). At a higher level, the PME can become a component of a system that performs the full functionality of a firewall. We also propose a pattern partitioning technique that classifies the patterns of a pattern set, by pattern length, into two categories: short patterns and long patterns. We inspect the traffic for occurrences of patterns from the short category in hardware, so that part of the workload of the whole pattern matching process is handled by the proposed engine. The other category, the long patterns, can be handled by algorithms such as ACCH, which has been designed and optimized specifically for pattern matching over compressed HTTP traffic.

Our design supports 1.2 Gbps throughput while storing 140 patterns in a single device. It is implemented on an FPGA using the Quartus II development tools; the target device was a Cyclone IV EP4CE115F29C7.
Keywords: Security; Firewall System (Computer); Field Programmable Gate Array (FPGA); Pattern Matching; Packet Processing; Compressed Traffic
