1. No category

String Lookup Cache

Janardhan Singaraju, John A. Chandy
- Presented by Matthew Reffle
Matthew Reffle
2013-03-20
1







Introduction/Background Information
Current Implementations
Hardware Designs
Results and Applications
Concluding Remarks
Comments and Criticism
Question
Matthew Reffle
2013-03-20
2


What is string matching?
Current implementations:
◦ Software
 Flexible/reliable but slower
◦ Hardware
 Fast but area and resource consuming

Current uses:
◦ DNS lookup
◦ IP address searches
◦ Network security
Matthew Reffle
2013-03-20
3







Rabin-Karp
Knuth-Morris
Boyer-Moore
Good/reliable output
Very flexible
Works on GPP
Slower for networks
Software






Not many
implementations(2006)
Shift and add
Motoura’s cellular
automata
Not very flexible
More resources
Very fast
Hardware
Matthew Reffle
2013-03-20
4
String Lookup Cache &
Network Intrusion Detection
Matthew Reffle
2013-03-20
5



Mainly used in DNS lookup and IP Address
mapping
Uses character arrays to match strings,
character by character
Implementable on FPGAS
Matthew Reffle
2013-03-20
6



General lookup cache
Network Processor design
32-bit bus for IP Address return
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications” 2008
Matthew Reffle
2013-03-20
7




Made up of a 8xn array
of CAM Cells
Each CAM contains
a bit comparator and
a storage cell
Each character in ASCII
representation
Parallel implementation
between characters
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008
Matthew Reffle
2013-03-20
8





Uses multi-byte boundary with a possibility
to use more PEs for flexibility
After character match is found PE Array will
show which word is a match
Uses flags to represent a match
When flags match a word then word is found
Time in an m
word search is
m time.
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008
Matthew Reffle
2013-03-20
9
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008


Basic overview of high level
system
Each character match sets a 1 and each word
match will set a 1, otherwise 0.
Matthew Reffle
2013-03-20
10
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008




Hardware implemented
via FPGA dominated
software
Searches per second
increased 300 times
Throughput well exceeds
todays network standards
Common applications:
◦ DNS lookup and IP Address mapping
◦ Network storage
◦ Network Intrusion
Matthew Reffle
2013-03-20
11


Process of identifying and analysing threats
to a network
Passive
◦ Secondary node analyzes data coming onto network

Host
◦ Looking at information coming into a specific node
(usually a router, gateway or switch)


Software had very poor throughput
Need to increase throughput with hardware
Matthew Reffle
2013-03-20
12



Different from Lookup Cache architecture
Needs more precise lookup rules
Control unit must have control over
individual sections in the
PE array
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008
Matthew Reffle
2013-03-20
13




More of a byte match array
Does not use CAM cells
Needed for multi-length
and dictionary type
processing as well as
mid-byte checking
Used for checking for matches
in different processing elements
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008
Matthew Reffle
2013-03-20
14


Stores information from PE Arrays in a buffer
in order to figure out the position of the
matching word
Control logic resets and manages each array
and memory buffer
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008
Matthew Reffle
2013-03-20
15



Multi-byte matching
Sends “fl44” over 2 clock
cycles
Finds Match “l44” target
string
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008
Matthew Reffle
2013-03-20
16



Throughput increases
as parallelism increases
Size increases as
parallelism increases
Not able to fully
implement all the rules,
about half
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008
Matthew Reffle
2013-03-20
17


String Lookup Cache improves dramatically
over software
Network Intrusion Detection has been
completed before
◦ Comparable to other works, better in logic cells
◦ No other outstanding improvements
Singaraju, J., Chandy, J. A. “FPGA Based String Matching for Network Processing Applications”, 2008
Matthew Reffle
2013-03-20
18





Well written
Well documented
Very detailed
Good references
Great improvements
for Lookup Cache



No strong
improvements in
Network Intrusion
Virtex-II Pro was not
able to fully
implement Network
Intrusion design
May be very useful
to implement this
using a higher end
model today
Matthew Reffle
2013-03-20
19
Matthew Reffle
2013-03-20
20

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2024 Paperzz