CN111107068B - Efficient rule matching method for FPGA and terminal - Google Patents

Efficient rule matching method for FPGA and terminal Download PDF

Info

Publication number
CN111107068B
CN111107068B CN201911249261.6A CN201911249261A CN111107068B CN 111107068 B CN111107068 B CN 111107068B CN 201911249261 A CN201911249261 A CN 201911249261A CN 111107068 B CN111107068 B CN 111107068B
Authority
CN
China
Prior art keywords
matching
message
item
matching item
hash
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911249261.6A
Other languages
Chinese (zh)
Other versions
CN111107068A (en
Inventor
肖相生
高渊
李占才
刘杨
赵丰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Yunyong Electronic Technology Co ltd
Original Assignee
Jiangsu Yunyong Electronic Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Yunyong Electronic Technology Co ltd filed Critical Jiangsu Yunyong Electronic Technology Co ltd
Priority to CN201911249261.6A priority Critical patent/CN111107068B/en
Publication of CN111107068A publication Critical patent/CN111107068A/en
Application granted granted Critical
Publication of CN111107068B publication Critical patent/CN111107068B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses an efficient rule matching method of an FPGA (field programmable gate array), which is characterized in that a message is filtered at a line speed by using a fixed group delay, a numerical value is added to a key string of a hash collision, and then a hash operation is carried out to solve the problem of the hash collision, data read out by the first hash operation result is taken as a numerical value C or 0 and added to the key string, then the hash operation is carried out again, data read out by the second hash operation result is an index address of a matching rule, and the message which does not meet the requirement in a message cache queue is discarded according to the matching result after comparison with a matching item, and the message which meets the requirement is output, so that the precise filtering output of the message is realized.

Description

Efficient rule matching method for FPGA and terminal
Technical Field
The invention relates to the technical field of message filtering, in particular to an efficient rule matching method for an FPGA and a terminal thereof.
Background
The Ethernet firewall realizes message filtering through rule matching, and the realization method of the rule matching determines the efficiency of message filtering and the group delay of messages. However, when the hash operation is performed using the keyword string matched with the rule, the hash value may be the same when the input is different, which is called hash collision. For example, when two different messages are subjected to hash operation, the same value can be obtained, so that the messages which do not need to be filtered can be filtered by mistake, and therefore, how to solve the problem of hash collision is a key technical problem for realizing message filtering.
Disclosure of Invention
The invention aims to solve the technical problems and provides an efficient rule matching method for an FPGA (field programmable gate array).
In order to achieve the purpose, the invention adopts the following technical scheme:
an efficient rule matching method for an FPGA (field programmable gate array) comprises the following steps:
step 1, analyzing the message
The message resolver resolves a message from an Ethernet, extracts a source MAC address, a destination MAC address, a source IP address, a destination IP address, a source port number and a destination port number in the message as information of an item to be matched, outputs the information of the item to be matched to a cache queue of the item to be matched, and outputs the message to a message cache queue;
step 2, outputting the keyword strings and the matching items for hash operation:
the cache queue of the item to be matched outputs the keyword string to a first Hash arithmetic unit for Hash arithmetic, and outputs the information of the item to be matched to a matching comparator; the keyword string is one item of matching information or a combination of a plurality of items of matching information of the information to be matched;
step 3, carrying out hash operation for the first time:
the first Hash arithmetic unit carries out Hash arithmetic on the keyword string, and a Hash result is output to a matching item index reader as an address;
step 4, reading the matching item index RAM for the first time
The matching item index reader reads the matching item index RAM by using the address in the step 3, if the read numerical value ID is 1,
then: the keyword string is keyword string + character string;
otherwise: the keyword string is + 0;
outputting the keyword string' to a second hash arithmetic unit;
step 5, the second Hash operation
The second hash arithmetic unit carries out hash arithmetic on the keyword string', and a hash result is output to the matching item index reader as an address;
step 6, reading the matching item index RAM for the second time
The matching item index reader reads the matching item index RAM by using the address in the step 5 to obtain a read address of a matching rule and outputs the read address to the matching item RAM;
step 7, obtaining the matching item and sending the matching item to the matching item comparator
The matching item RAM reads the matching item RAM by taking the read address of the step 6 as an index value to obtain a matching item, and sends the matching item to the matching item comparator;
step 8, comparing and judging the matching item data
The matching item comparer compares and judges the matching item sent by the step 7 with the matching item sent by the cache queue of the item to be matched in the step 2, and outputs a result to the message cache queue, wherein the result is an output message or a discarded message;
step 9, filtering and outputting
The message caching queue operates the message according to the output result of the step 8, and if the result is a discarded message, the message caching queue discards the message; and if the result is the output message, the message cache queue outputs the message.
Further, the data of the matching item index RAM and the matching item RAM are configured through configuration generation software.
Further, the method also comprises the step 81: the method for counting the data information of the matching comparator comprises the following specific steps: and the statistics device is used for carrying out statistics on the data information of the matching comparator and reading the data information by the upper computer.
The invention also provides an FPGA high-efficiency rule matching terminal, which comprises a memory, wherein the memory stores a plurality of instructions, and the instructions are suitable for an FPGA processor to load and execute:
step 1, analyzing the message
The message resolver resolves a message from an Ethernet, extracts a source MAC address, a destination MAC address, a source IP address, a destination IP address, a source port number and a destination port number in the message as information of an item to be matched, outputs the information of the item to be matched to a cache queue of the item to be matched, and outputs the message to a message cache queue;
step 2, outputting the keyword strings and the matching items for hash operation:
the cache queue of the item to be matched outputs the keyword string to a first Hash arithmetic unit for Hash arithmetic, and outputs the information of the item to be matched to a matching comparator; the keyword string is one item of matching information or a combination of a plurality of items of matching information of the information to be matched;
step 3, carrying out hash operation for the first time:
the first Hash arithmetic unit carries out Hash arithmetic on the keyword string, and a Hash result is output to a matching item index reader as an address;
step 4, reading the matching item index RAM for the first time
The matching item index reader reads the matching item index RAM by using the address in the step 3, if the read numerical value ID is 1,
then: the keyword string is keyword string + character string;
otherwise: the keyword string is + 0;
outputting the keyword string' to a second hash arithmetic unit;
step 5, the second Hash operation
The second hash arithmetic unit carries out hash arithmetic on the keyword string', and a hash result is output to the matching item index reader as an address;
step 6, reading the matching item index RAM for the second time
The matching item index reader reads the matching item index RAM by using the address in the step 5 to obtain a read address of a matching rule and outputs the read address to the matching item RAM;
step 7, obtaining the matching item and sending the matching item to the matching item comparator
The matching item RAM reads the matching item RAM by taking the read address of the step 6 as an index value to obtain a matching item, and sends the matching item to the matching item comparator;
step 8, comparing and judging the matching item data
The matching item comparer compares and judges the matching item sent by the step 7 with the matching item sent by the cache queue of the item to be matched in the step 2, and outputs a result to the message cache queue, wherein the result is an output message or a discarded message;
step 9, filtering and outputting
The message caching queue operates the message according to the output result of the step 8, and if the result is a discarded message, the message caching queue discards the message; and if the result is the output message, the message cache queue outputs the message.
Further, the method also comprises the step of performing statistics on data information of the matching comparator, specifically, the statistics device performs statistics on the data information of the matching comparator and is ready for the upper computer to read.
Further, the data of the matching item index RAM and the matching item RAM are configured through configuration generation software.
The invention uses fixed group delay to filter the message at line speed, adds a numerical value to the key word string of the hash conflict, and then carries out hash operation once to solve the problem of the hash conflict, and discards the message which does not meet the requirement in the message cache queue according to the matching result after comparing with the matching item, and outputs the message which meets the requirement, thereby realizing the accurate filtering of the message.
Drawings
FIG. 1: the invention discloses a work flow diagram of an FPGA efficient rule matching method.
FIG. 2: the invention discloses a work flow diagram of an FPGA efficient rule matching terminal.
Description of numbering:
1: a message parser; 2: caching queues of items to be matched; 3: a first hash operator; 4: a first matching item index reader; 5: matching item index RAM; 6: a second hash operator; 7: a second matching item index reader; 8: a matching item RAM; 9: a matching term comparator; 10: a message buffer queue; 11: a statistics machine; 12: the configuration generation software.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings and examples.
The invention configures the matching item index RAM5 and the matching item RAM 8 in advance through the configuration generation software 12, namely, configures the matching rules, which belongs to the prior art, so how to configure is not described in detail herein.
The invention is realized on FPGA, and can also be realized on software or ASIC.
Example one
As shown in fig. 1, an efficient rule matching method for an FPGA includes the following steps:
step 1, analyzing the message
The message resolver 1 resolves the message from the ethernet, extracts the source MAC address, the destination MAC address, the source IP address, the destination IP address, the source port number, the destination port number, and the like in the message as the information of the item to be matched, and outputs the information of the item to be matched to the item cache queue 2 to be matched, and simultaneously outputs the message to the message cache queue 10;
step 2, outputting the keyword strings and the matching items for hash operation:
the cache queue 2 for the item to be matched outputs the keyword string to a first hash arithmetic unit 3 for hash arithmetic, and outputs the information of the item to be matched to a matching item comparator 9; the keyword string is one item of matching item information or a combination of a plurality of items of matching item information of the information to be matched;
step 3, carrying out hash operation for the first time:
the first hash arithmetic unit 3 performs hash arithmetic on the keyword string, and a hash result is output to a first matching item index reader 4 as an address;
step 4, reading the matching item index RAM for the first time
The first matching item index reader 4 reads the matching item index RAM5 with the address of step 3, and if the read value ID is 1,
then: the keyword string is keyword string + C;
otherwise: the keyword string is + 0;
and outputs the keyword string' to a second hash arithmetic unit 6;
note that, the keyword string' is a keyword string + C, where C may be any other character string, such as B, D, and C is taken as an example in this embodiment.
Step 5, the second Hash operation
The second hash arithmetic unit 6 performs hash arithmetic on the keyword string', and a hash result is output to the second matching item index reader 7 as an address;
step 6, reading the matching item index RAM for the second time
The second matching item index reader 7 reads the matching item index RAM5 by using the address in the step 5 to obtain a read address of the matching rule and outputs the read address to the matching item RAM 8;
step 7, obtaining the matching item and sending the matching item to the matching item comparator
The matching item RAM 8 reads the matching item RAM 8 by taking the reading address of the step 6 as an index value to obtain a matching item, and sends the matching item to the matching item comparator 9;
step 8, comparing and judging the matching item data
The matching item comparer 9 compares and judges the matching item sent from the step 7 with the matching item sent from the item to be matched cache queue 2 in the step 2, and outputs a result to the message cache queue 10, wherein the result is an output message or a discarded message;
step 9, filtering and outputting
The message cache queue 10 operates the message according to the output result of the step 8, and if the result is a discarded message, the message cache queue 10 discards the message; if the result is an output message, the message buffer queue 10 outputs the message.
Preferably, the method further comprises the step 81: the method for counting the data information of the matching comparator comprises the following specific steps: and the statistics device 11 is used for carrying out statistics on the data information of the matching item comparator for being read by an upper computer.
In this embodiment, the packet is filtered at a line speed by using a fixed group delay (tens of clock cycles of the FPGA), a value is added to a keyword string of the hash collision, and the hash collision is solved by performing a hash operation again. And taking the data read out from the first hash operation result as a numerical value C or 0, adding the numerical value C or 0 with the keyword string, and then performing the hash operation once, wherein the data read out from the second hash operation result is the index address of the matching rule. And discarding the message which does not meet the requirement in the message cache queue according to the matching result after comparing with the matching item, and outputting the message which meets the requirement, thereby realizing the accurate filtering output of the message.
Example two
As shown in fig. 1-2, an FPGA high-efficiency rule matching terminal includes a memory, where the memory stores a plurality of instructions, and the instructions are suitable for being loaded and executed by an FPGA processor, and the execution steps are specifically as follows:
step 1, analyzing the message
The message resolver 1 resolves the message from the ethernet, extracts the source MAC address, the destination MAC address, the source IP address, the destination IP address, the source port number, the destination port number, and the like in the message as the information of the item to be matched, and outputs the information of the item to be matched to the item cache queue 2 to be matched, and simultaneously outputs the message to the message cache queue 10;
step 2, outputting the keyword string and the matching item for hash operation
The cache queue 2 for the item to be matched outputs the keyword string to a first hash arithmetic unit 3 for hash arithmetic, and outputs the information of the item to be matched to a matching item comparator 9; the keyword string is one item of matching item information or a combination of a plurality of items of matching item information of the information to be matched;
step 3, Hash operation for the first time
The first hash arithmetic unit 3 performs hash arithmetic on the keyword string, and a hash result is output to a first matching item index reader 4 as an address;
step 4, reading the matching item index RAM for the first time
The first matching item index reader 4 reads the matching item index RAM5 with the address of step 3, and if the read value ID is 1,
then: the keyword string is keyword string + C;
otherwise: the keyword string is + 0;
and outputs the keyword string' to a second hash arithmetic unit 6;
note that, the keyword string' is a keyword string + C, where C may be any other character string, such as B, D, and C is taken as an example in this embodiment.
Step 5, the second Hash operation
The second hash arithmetic unit 6 performs hash arithmetic on the keyword string', and a hash result is output to the second matching item index reader 7 as an address;
step 6, reading the matching item index RAM for the second time
The second matching item index reader 7 reads the matching item index RAM5 by using the address in the step 5 to obtain a read address of the matching rule and outputs the read address to the matching item RAM 8;
step 7, obtaining the matching item and sending the matching item to the matching item comparator
The matching item RAM 8 reads the matching item RAM 8 by taking the reading address of the step 6 as an index value to obtain a matching item, and sends the matching item to the matching item comparator 9;
step 8, comparing and judging the matching item data
The matching item comparer 9 compares and judges the matching item sent from the step 7 with the matching item sent from the item to be matched cache queue 2 in the step 2, and outputs a result to the message cache queue 10, wherein the result is an output message or a discarded message;
step 9, filtering and outputting
The message cache queue 10 operates the message according to the output result of the step 8, and if the result is a discarded message, the message cache queue 10 discards the message; if the result is an output message, the message buffer queue 10 outputs the message.
Preferably, the method further comprises the step 81: the method for counting the data information of the matching comparator comprises the following specific steps: and the statistics device 11 is used for carrying out statistics on the data information of the matching item comparator for being read by an upper computer.
In the above embodiments one and two:
the first hash operator 3 is identical to the second hash operator 6, and the first and second matching index readers 4 and 7 are identical.
The matching item index RAM5 stores two kinds of data, one is the index address of the matching item RAM 8; the other is a value C for avoiding hash collision, the two data are distinguished by a single identification bit ID, the occupied cell in the matching item index RAM5 is identified by a bit with position 1, the unused cell is filled with 0, the depth of the matching item index RAM5 is at least twice as deep as the matching item RAM 8, it is appropriate to have 4 times as deep, if the matching item RAM 8 has 4096 items, 16384 16 bits of the matching item index RAM5 is sufficient.
The matching item RAM 8 is mainly used for storing matching rule data.
The configuration generation software 12 is used for generating and storing matching rule data, searching for a numerical value C with the same hash operation value of the avoided keyword string, and configuring the matching item index RAM5 and the matching item RAM 8.
Finally, it should be noted that: the above embodiments are only used to illustrate the present invention and do not limit the technical solutions described in the present invention; thus, while the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted; all such modifications and variations are intended to be included herein within the scope of this disclosure and the present invention and protected by the following claims.

Claims (6)

1. An efficient rule matching method for an FPGA (field programmable gate array), which is characterized by comprising the following steps of:
step 1, analyzing the message
The message resolver resolves a message from an Ethernet, extracts a source MAC address, a destination MAC address, a source IP address, a destination IP address, a source port number and a destination port number in the message as information of an item to be matched, outputs the information of the item to be matched to a cache queue of the item to be matched, and outputs the message to a message cache queue;
step 2, outputting the keyword strings and the matching items for hash operation:
the cache queue of the item to be matched outputs the keyword string to a first Hash arithmetic unit for Hash arithmetic, and outputs the information of the item to be matched to a matching comparator; the keyword string is one item of matching information or a combination of a plurality of items of matching information of the information to be matched;
step 3, carrying out hash operation for the first time:
the first Hash arithmetic unit carries out Hash arithmetic on the keyword string, and a Hash result is output to a matching item index reader as an address;
step 4, reading the matching item index RAM for the first time
The matching item index reader reads the matching item index RAM by using the address in the step 3, if the read numerical value ID is 1,
then: keyword string' = keyword string + non-0 character string;
otherwise: keyword string' = keyword string + 0;
outputting the keyword string' to a second hash arithmetic unit;
step 5, the second Hash operation
The second hash arithmetic unit carries out hash arithmetic on the keyword string', and a hash result is output to the matching item index reader as an address;
step 6, reading the matching item index RAM for the second time
The matching item index reader reads the matching item index RAM by using the address in the step 5 to obtain a read address of a matching rule and outputs the read address to the matching item RAM;
step 7, obtaining the matching item and sending the matching item to the matching item comparator
The matching item RAM reads the matching item RAM by taking the read address of the step 6 as an index value to obtain a matching item, and sends the matching item to the matching item comparator;
step 8, comparing and judging the matching item data
The matching item comparer compares and judges the matching item sent by the step 7 with the matching item sent by the cache queue of the item to be matched in the step 2, and outputs a result to the message cache queue, wherein the result is an output message or a discarded message;
step 9, filtering and outputting
The message caching queue operates the message according to the output result of the step 8, and if the result is a discarded message, the message caching queue discards the message; and if the result is the output message, the message cache queue outputs the message.
2. The FPGA efficient rule matching method of claim 1, characterized in that: and the data of the matching item index RAM and the matching item RAM are configured through configuration generation software.
3. The FPGA efficient rule matching method of claim 1, further comprising the step of 81: the method for counting the data information of the matching comparator comprises the following specific steps: and the statistics device is used for carrying out statistics on the data information of the matching comparator for being read by an upper computer.
4. The utility model provides a high-efficient rule matching terminal of FPGA which characterized in that: comprising a memory storing a plurality of instructions adapted to be loaded and executed by an FPGA processor:
step 1, analyzing the message
The message resolver resolves a message from an Ethernet, extracts a source MAC address, a destination MAC address, a source IP address, a destination IP address, a source port number and a destination port number in the message as information of an item to be matched, outputs the information of the item to be matched to a cache queue of the item to be matched, and outputs the message to a message cache queue;
step 2, outputting the keyword strings and the matching items for hash operation:
the cache queue of the item to be matched outputs the keyword string to a first Hash arithmetic unit for Hash arithmetic, and outputs the information of the item to be matched to a matching comparator; the keyword string is one item of matching information or a combination of a plurality of items of matching information of the information to be matched;
step 3, carrying out hash operation for the first time:
the first Hash arithmetic unit carries out Hash arithmetic on the keyword string, and a Hash result is output to a matching item index reader as an address;
step 4, reading the matching item index RAM for the first time
The matching item index reader reads the matching item index RAM by using the address in the step 3, if the read numerical value ID is 1,
then: keyword string' = keyword string + non-0 character string;
otherwise: keyword string' = keyword string + 0;
outputting the keyword string' to a second hash arithmetic unit;
step 5, the second Hash operation
The second hash arithmetic unit carries out hash arithmetic on the keyword string', and a hash result is output to the matching item index reader as an address;
step 6, reading the matching item index RAM for the second time
The matching item index reader reads the matching item index RAM by using the address in the step 5 to obtain a read address of a matching rule and outputs the read address to the matching item RAM;
step 7, obtaining the matching item and sending the matching item to the matching item comparator
The matching item RAM reads the matching item RAM by taking the read address of the step 6 as an index value to obtain a matching item, and sends the matching item to the matching item comparator;
step 8, comparing and judging the matching item data
The matching item comparer compares and judges the matching item sent by the step 7 with the matching item sent by the cache queue of the item to be matched in the step 2, and outputs a result to the message cache queue, wherein the result is an output message or a discarded message;
step 9, filtering and outputting
The message caching queue operates the message according to the output result of the step 8, and if the result is a discarded message, the message caching queue discards the message; and if the result is the output message, the message cache queue outputs the message.
5. The FPGA high-efficiency rule matching terminal of claim 4, wherein: the method also comprises the step of performing statistics on data information of the matching comparator, wherein the statistics is specifically performed on the data information of the matching comparator by the statistics device for being read by an upper computer.
6. The FPGA high-efficiency rule matching terminal of claim 4, wherein: and the data of the matching item index RAM and the matching item RAM are configured through configuration generation software.
CN201911249261.6A 2019-12-09 2019-12-09 Efficient rule matching method for FPGA and terminal Active CN111107068B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911249261.6A CN111107068B (en) 2019-12-09 2019-12-09 Efficient rule matching method for FPGA and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911249261.6A CN111107068B (en) 2019-12-09 2019-12-09 Efficient rule matching method for FPGA and terminal

Publications (2)

Publication Number Publication Date
CN111107068A CN111107068A (en) 2020-05-05
CN111107068B true CN111107068B (en) 2021-03-09

Family

ID=70421994

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911249261.6A Active CN111107068B (en) 2019-12-09 2019-12-09 Efficient rule matching method for FPGA and terminal

Country Status (1)

Country Link
CN (1) CN111107068B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069216A (en) * 2020-09-18 2020-12-11 山东超越数控电子股份有限公司 Join algorithm implementation method, system, device and medium based on FPGA
CN114338529B (en) * 2021-12-29 2024-03-08 杭州迪普信息技术有限公司 Five-tuple rule matching method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101034412A (en) * 2007-04-02 2007-09-12 华为技术有限公司 Information storing method, information search method and engine device
CN101826107A (en) * 2010-04-02 2010-09-08 华为技术有限公司 Hash data processing method and device
CN102880724A (en) * 2012-10-23 2013-01-16 盛科网络(苏州)有限公司 Method and system for processing Hash collision
CN103731355A (en) * 2013-12-31 2014-04-16 迈普通信技术股份有限公司 Method and system for avoiding Hash collision during MAC address learning
CN105320775A (en) * 2015-11-11 2016-02-10 中科曙光信息技术无锡有限公司 Data access method and apparatus
CN105515919A (en) * 2016-01-20 2016-04-20 中国电子科技集团公司第五十四研究所 Network flow monitoring method based on Hash compression algorithm

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8295286B2 (en) * 2003-12-31 2012-10-23 Stmicroelectronics, Inc. Apparatus and method using hashing for efficiently implementing an IP lookup solution in hardware
US20070168377A1 (en) * 2005-12-29 2007-07-19 Arabella Software Ltd. Method and apparatus for classifying Internet Protocol data packets
US10282125B2 (en) * 2017-04-17 2019-05-07 International Business Machines Corporation Distributed content deduplication using hash-trees with adaptive resource utilization in distributed file systems
CN109885576B (en) * 2019-03-06 2020-12-01 珠海金山网络游戏科技有限公司 Hash table creating method and system, computing device and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101034412A (en) * 2007-04-02 2007-09-12 华为技术有限公司 Information storing method, information search method and engine device
CN101826107A (en) * 2010-04-02 2010-09-08 华为技术有限公司 Hash data processing method and device
CN102880724A (en) * 2012-10-23 2013-01-16 盛科网络(苏州)有限公司 Method and system for processing Hash collision
CN103731355A (en) * 2013-12-31 2014-04-16 迈普通信技术股份有限公司 Method and system for avoiding Hash collision during MAC address learning
CN105320775A (en) * 2015-11-11 2016-02-10 中科曙光信息技术无锡有限公司 Data access method and apparatus
CN105515919A (en) * 2016-01-20 2016-04-20 中国电子科技集团公司第五十四研究所 Network flow monitoring method based on Hash compression algorithm

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"哈希查找中散列函数的运用";肖丽;《技术与市场》;20090831;第16卷(第8期);第18-19页 *

Also Published As

Publication number Publication date
CN111107068A (en) 2020-05-05

Similar Documents

Publication Publication Date Title
Pontarelli et al. Traffic-aware design of a high-speed FPGA network intrusion detection system
US8897151B2 (en) Systematic framework for application protocol field extraction
RU2608464C2 (en) Device, method and network server for detecting data structures in data stream
US10805437B2 (en) Compiler and hardware interactions to remove action dependencies in the data plane of a network forwarding element
CN111107068B (en) Efficient rule matching method for FPGA and terminal
US20110153641A1 (en) System and method for regular expression matching with multi-strings and intervals
CN101853301A (en) Regular expression matching method and system
CN110865970B (en) Compression flow pattern matching engine and pattern matching method based on FPGA platform
CN105337991A (en) Integrated message flow searching and updating method
CN111030998B (en) Configurable protocol analysis method and system
CN102437937A (en) Deep packet inspection method
CN114885045B (en) Method and device for saving DMA channel resources in high-speed intelligent network card/DPU
CN114327833A (en) Efficient flow processing method based on software-defined complex rule
CN117041370A (en) Communication method and system
Hieu et al. Optimization of regular expression processing circuits for NIDS on FPGA
Polig et al. Token-based dictionary pattern matching for text analytics
CN115801927A (en) Message parsing method and device
Kobiersky et al. Packet header analysis and field extraction for multigigabit networks
CN107426180B (en) Detection apparatus for data frame coverage of ethernet
Hieu et al. Enhanced FPGA-based architecture for regular expression matching in NIDS
CN112187935A (en) Information identification method and read-only memory
CN101848091A (en) Method and system for processing data search
Zhang et al. A Multi-Table Programmable Parser for Satellite Networks
CN111222018A (en) Method for realizing high-speed matching of floating character strings based on TCAM (ternary content addressable memory)
CN113472654B (en) Network traffic data forwarding method, device, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant