CERN Computing Colloquia Spring Series: IT Security - A High-Performance Pattern Matching Engine for Intrusion Detection

<!--HTML--><b>A novel type of 'recognition engine' chip may revolutionize the detection of electronic intruders. An IBM researcher explains how.</b><br>[Note: the research covered in this talk was the topic of a major feature entitled “Recognition Engines” in the January Issue of Scientific American]. As it becomes increasingly difficult to improve processor performance by increasing speed alone, novel approaches, such as multi-core processors, are being pursued. In this talk, I will present a novel hardware-based pattern-matching engine for accelerating networking applications that require fast and efficient content scanning of data (packets, messages) against a predetermined list of patterns or signatures. A key application of the pattten-matching engine is intrusion detection.<br><br> The flexible and modular design of the engine allows a broad spectrum of applications, ranging from high-end enterprise level network devices that need to match hundreds of thousands of patterns at speeds of tens of gigabits per second, to low-end devices for home networks operating at a few megabits per second with a modest number of patterns. The pattern-matching engine is one of the first results of a research project that examines whether there are opportunities for novel processor concepts which deviate from the traditional “Von Neumann” processor architecture. I will also provide a brief overview of the new processor concept, and touch on other applications where this concept has a significant advantage over conventional processors, including XML processing and data compression.<br><br>Speaker bio: Jan van Lunteren has been with the IBM Zurich Research Laboratory, Rüschlikon, Switzerland, since 1994, doing research on high-speed networking. His current interests include high-performance memory systems, (deep) packet classification algorithms, and high-performance programmable accelerator engines. He received the M.Sc. degree in Electrical Engineering, the M.Sc. degree in Technological Design, and the Ph.D. degree in Electrical Engineering in 1992, 1994, and 1998, respectively, all from the Technical University of Eindhoven, The Netherlands.<br> <BR><I>More information: <a href=http://computing-colloquia.web.cern.ch/computing-colloquia/upcoming.html#jan>http://computing-colloquia.web.cern.ch/computing-colloquia/upcoming.html#jan</a></I>