Increasingly, embedded system designers must exploit application-specific concurrency in order to obtain high performance. Often an application will exhibit several different styles and granularities of concurrency. An average embedded RISC processor is a poor platform when concurrency is a first-class concern. The Sub-RISC paradigm, on the other hand, allows designers to create programmable architectures with application-specific process-, data-, and datatype-level concurrency. This paper describes a Sub-RISC processor that accelerates regular expression matching for network intrusion detection. This processor is lightweight and can be tiled to search multiple packet streams in parallel. Unlike typical application-specific processors, designers are not burdened with assembly language programming. Instead, the language of regular expressions is used as a high-level programming abstraction. Results are shown for ASIC and FPGA implementations using regexp rules from the Snort database.
Designing a Sub-RISC Multi-Gigabit Regular Expression Processor
Researchers may make free and open use of the UC Berkeley Library’s digitized public domain materials. However, some materials in our online collections may be protected by U.S. copyright law (Title 17, U.S.C.). Use or reproduction of materials protected by copyright beyond that allowed by fair use (Title 17, U.S.C. § 107) requires permission from the copyright owners. The use or reproduction of some materials may also be restricted by terms of University of California gift or purchase agreements, privacy and publicity rights, or trademark law. Responsibility for determining rights status and permissibility of any use or reproduction rests exclusively with the researcher. To learn more or make inquiries, please see our permissions policies (https://www.lib.berkeley.edu/about/permissions-policies).