Comparative analysis of approaches to the building of reconfigurable security tools components

Authors

DOI:

https://doi.org/10.18372/2073-4751.66.15712

Keywords:

information security, signature analysis, multi-pattern matching, FPGA, effectiveness, comparative analysis

Abstract

This paper investigates the approaches to hardware implementation on the reconfigurable (based on FPGAs) signature-based security tools, which in real time solve computationally resource-intensive problem of multi-pattern matching in an intensive input data stream (intrusion detection systems, anti-virus and anti-spam tools). In order to assess the properties of such tools and their components, as well as to compare different approaches to recognition schemes building, the performance indicators are identified and classified. It was found that the most effective in the construction of hardware schemes for multi-pattern matching are the following three approaches and corresponding underlying technologies: associative memory based on digital comparators; Bloom filter based on hash functions; Aho–Corasik algorithm based on finite automata. A qualitatively formalized review in terms of correspondent indicators is provided for each of these directions. The features of its implementation on FPGA, the difficulties and problems that arise, and ways to eliminate them are investigated as well. A comparative analysis of these approaches was performed. It is concluded that none of them demonstrates clear advantages over others, so the methods to combine different approaches in a single device, maximizing efficiency by realizing their advantages, are needed.

References

Палагин А.В., Опанасенко В.Н. Реконфигурируемые вычислительные системы: Основы и приложения / К.: «Просвіта», 2006. – 280 с.

Гильгурт С.Я. Реконфигурируемые вычислители. Аналитический обзор // Электронное моделирование. – 2013. – Т.35, № 4. – С. 49-72.

Смит Б. Методы и алгоритмы вычислений на строках. Теоретические основы регулярных вычислений / Пер. с англ. – М.: Вильямс, 2006. – 496 с.

Chen H., Chen Y., Summerville D.H. Survey on the Application of FPGAs for Network Infrastructure Security // IEEE Communications Surveys and Tutorials, Article. – 2011. – Vol. 13, №4. – P. 541-561.

Гільгурт С.Я. Побудова асоціативної пам'яті на цифрових компараторах реконфігуровними засобами для вирішення задач інформаційної безпеки // Електронне моделювання. – 2019. – Т. 41, №3. – С. 59-80.

Гільгурт С. Побудова фільтрів Блума реконфігуровними засобами для вирішення задач інформаційної безпеки // Безпека інформації. – 2019. – Т. 25, №1. – С. 53-58.

Гільгурт С. Побудова скінченних автоматів реконфігуровними засобами для вирішення задач інформаційної безпеки // Захист інформації. – 2019. – Т. 21, №2. – С. 111-120.

Downloads

Published

2021-07-07

How to Cite

Hilgurt, S. (2021). Comparative analysis of approaches to the building of reconfigurable security tools components. Problems of Informatization and Management, 2(66), 17–26. https://doi.org/10.18372/2073-4751.66.15712

Issue

Vol. 2 No. 66 (2021)

Section

Статті

License

The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.

All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.

Copyright

Authors who publish their works in the journal:

  • retain the copyright to their publications;

  • grant the journal the right of first publication of the article;

  • agree to the distribution of their materials under the CC BY 4.0 license;

  • have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.