GPU Application on Multi-Pattern Matching of Network Intrusion Detection

With the development of wire/wireless network applications, numerous network attacks and security threats have brought great attention to all of us. Fast processing network traffic to the exclusion of malicious packets becomes increasingly important. Intrusion Detection/Prevention System (IDPS) is a network security system that monitors networks or system activities for malicious and unwanted behaviors without breaking the network traffic.In this paper, we study a kernel component of most IDPS, multi-pattern matching by exploiting two wellknown algorithms, namely Wu-Manber and Aho-Corasick. For this purpose, we implement both algorithms over Graphic Processing Units (GPU) to speed up the malicious packet detection. Extensive experiments are conducted to compare the performance of our implementations on both CPU and GPU. Our experimental results show that the throughput of GPU implementation is about four times faster than CPU. Therefore, on the basis of considering the lower cost, easy expansion and better performance, rather than specific hardware, such as ASIC, TCAM, Bloom Filter, and so on, IDPS over GPU offers an attractive solution to speed up malicious packets detection among the normal traffic.