scholarly journals AN EFFICIENT AND SYSTEMATIC VIRUS DETECTION PROCESSOR FOR EMBEDDED NETWORK SECURITY

2015 ◽  
pp. 185-190
Author(s):  
P.MUTHU KUMARAN ◽  
R.V.ASHOK PRATHAP ◽  
D. MATHAVAN
Keyword(s):  
Network Security ◽  
Embedded Systems ◽  
Pattern Matching ◽  
Virus Detection ◽  
Application Layer ◽  
Exact Matching ◽  
Chip Data ◽  
Second Stage ◽  
Embedded Network ◽  
Matching Mechanism

Network security has always been an important issue and its application is ready to perform powerful pattern matching to protect against virus attacks, spam and Trojan horses. However, attacks such as spam, spyware, worms, viruses, and phishing target the application layer rather than the network layer. Therefore, traditional firewalls no longer provide enough protection. However, the solutions in the literature for firewalls are not scalable, and they do not address the difficulty of an antivirus. The goal is to provide a systematic virus detection hardware solution for network security for embedded systems. Instead of placing entire matching patterns on a chip, our solution is based on an antivirus processor that works as much of the filtering information as possible onto a chip. The infrequently accessing off-chip data to make the matching mechanism scalable to large pattern sets. In the first stage, the filtering engine can filter out more than 93.1% of data as safe, using a merged shift table. Only 6.9% or less of potentially unsafe data must be precisely checked in the second stage by the exact-matching engine from off-chip memory. To reduce the memory gap and to improve the performance, we also propose three algorithms are used: 1) a skipping algorithm; 2) a cache method; and 3) a prefetching mechanism.

A Scalable High-Performance Virus Detection Processor Against a Large Pattern Set for Embedded Network Security

2012 ◽  
Vol 20 (5) ◽  
pp. 841-854 ◽  
Author(s):  
Chieh-Jen Cheng ◽  
Chao-Ching Wang ◽  
Wei-Chun Ku ◽  
Tien-Fu Chen ◽  
Jinn-Shyan Wang
Keyword(s):  
Network Security ◽  
High Performance ◽  
Virus Detection ◽  
Large Pattern ◽  
Embedded Network

Research on Campus Network Security Problem and Protection Strategy

2021 ◽  
pp. 1352-1369
Author(s):  
Yongli Liu ◽  
Weifang Zhai ◽  
Song Ji
Keyword(s):  
Network Security ◽  
The Internet ◽  
Security Threats ◽  
Campus Network ◽  
Application Layer ◽  
Layer System ◽  
Protection Measures ◽  
Protection Strategy ◽  
Security Issues ◽  
Security Problem

With the “Internet +” era of arrival, the major colleges and universities are in the construction of the wisdom of the campus, students and teachers living with the campus network is more and more closely related, Campus network security has become the protection of the wisdom of the campus construction. Campus network security issues become increasingly serious; a single security protection has been unable to meet the current security needs. This paper analyzes the major security threats facing the campus network, and presents the campus network security protection measures from the physical layer, network layer, system layer, application layer and management of five aspects, thus constructing the campus network's overall security defense system. The system has multiple security protection for Campus Network, thus improving the security of the campus network.

Security Enhancement of Remote FPGA Devices By a Low Cost Embedded Network Processor

2013 ◽  
Vol 9 (2) ◽  
pp. 36-48
Author(s):  
Qutaiba Ali ◽  
Sahar Lazim
Keyword(s):  
Embedded Systems ◽  
Data Security ◽  
Low Cost ◽  
Network Processor ◽  
New Method ◽  
Design Data ◽  
Security Enhancement ◽  
Embedded Network

The incredible growth of FPGA capabilities in recent years and the new included features have made them more and more attractive for numerous embedded systems. There is however an important shortcoming concerning security of data and design. Data security implies the protection of the FPGA application in the sense that the data inside the circuit and the data transferred to/from the peripheral circuits during the communication are protected. This paper suggests a new method to support the security of any FPGA platform using network processor technology. Low cost IP2022 UBICOM network processor was used as a security shield in front of any FPGA device. It was supplied with the necessary security methods such as AES ciphering engine, SHA-1, HMAC and an embedded firewall to provide confidentiality, integrity, authenticity, and packets filtering features.

A dependency-based method for evaluating broad-coverage parsers

1998 ◽  
Vol 4 (2) ◽  
pp. 97-114 ◽  
Author(s):  
DEKANG LIN
Keyword(s):  
Pattern Matching ◽  
Performance Measures ◽  
Evaluation Method ◽  
Structural Pattern ◽  
Lexical Categories ◽  
Different Types ◽  
Parse Trees ◽  
Matching Mechanism ◽  
Dependency Trees ◽  
Overall Performance

With the emergence of broad-coverage parsers, quantitative evaluation of parsers becomes increasingly more important. We propose a dependency-based method for evaluating broad-coverage parsers that offers more meaningful performance measures than previous approaches. We also present a structural pattern-matching mechanism that can be used to eliminate inconsequential differences among different parse trees. Previous evaluation methods have only evaluated the overall performance of parsers. The dependency-based method can also evaluate parsers with respect to different kinds of grammatical relationships or different types of lexical categories. An algorithm for transforming constituency trees into dependency trees is presented, which makes the evaluation method applicable to both constituency grammars and dependency grammars.

scholarly journals MULTI-GIGABIT PATTERN FOR DATA IN NETWORK SECURITY

2013 ◽  
pp. 249-256
Author(s):  
Praveen Kumar . Ch ◽  
Prof.P.Vijai Bhaskar ◽  
Ravi. Ch ◽  
B.Rambhupal Reddy
Keyword(s):  
Network Security ◽  
Intrusion Detection ◽  
Pattern Matching ◽  
Intrusion Detection Systems ◽  
Search Pattern ◽  
Detection Systems ◽  
Network Intrusion ◽  
Matching Techniques ◽  
Detection Search ◽  
Perfect Hashing

In the current scenario network security is emerging the world. Matching large sets of patterns against an incoming stream of data is a fundamental task in several fields such as network security or computational biology. High-speed network intrusion detection systems (IDS) rely on efficient pattern matching techniques to analyze the packet payload and make decisions on the significance of the packet body. However, matching the streaming payload bytes against thousands of patterns at multi-gigabit rates is computationally intensive. Various techniques have been proposed in past but the performance of the system is reducing because of multi-gigabit rates.Pattern matching is a significant issue in intrusion detection systems, but by no means the only one. Handling multi-content rules, reordering, and reassembling incoming packets are also significant for system performance. We present two pattern matching techniques to compare incoming packets against intrusion detection search patterns. The first approach, decoded partial CAM (DpCAM), pre-decodes incoming characters, aligns the decoded data, and performs logical AND on them to produce the match signal for each pattern. The second approach, perfect hashing memory (PHmem), uses perfect hashing to determine a unique memory location that contains the search pattern and a comparison between incoming data and memory output to determine the match. The suggested methods have implemented in vhdl coding and we use Xilinx for synthesis.

Sign in / Sign up

Export Citation Format

Share Document