Abstract
Network Intrusion Detection Systems (NIDS) and Anti-Denial-of-Service (DoS) employ Deep Packet Inspection (DPI) which provides visibility to the content of payload to detect network attacks. All DPI engines assume a pre-processing step that extracts the various protocol specific fields. However, application layer (L7) field extraction is computationally expensive. We propose a Deep Packet Field Extraction Engine (DPFEE) to offload the application layer field extraction to hardware. DPFEE is a content-aware, grammar-based, Layer 7 programmable field extraction engine for text-based protocols. Our prototype DPFEE implementation for the Session Initiation Protocol (SIP) on a single FPGA, achieved a bandwidth of 257.1 Gbps and this can be easily scaled beyond 300 Gbps.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
