Skip to main content
Go to the home page of the European Commission (opens in new window)
English English
CORDIS - EU research results
CORDIS
CORDIScovery podcast 50th episode CORDIScovery podcast 50th episode
Content archived on 2024-05-30

Deep Packet Inspection to Next Generation Network Devices

Objective

Deep packet inspection (DPI) lies at the core of contemporary Network Intrusion Detection/Prevention Systems and Web Application Firewall. DPI aims to identify various malware (including spam and viruses), by inspecting both the header and the payload of each packet and comparing it to a known set of patterns. DPI are often performed on the critical path of the packet processing, thus the overall performance of the security tools is dominated by the speed of DPI.

Traditionally, DPI considered only exact string patterns. However, in modern network devices patterns are often represented by regular expressions due to their superior expressiveness. Matching both exact string and regular expressions are well-studied area in Computer Science; however all well-known solutions are not sufficient for current network demands: First, current solutions do not scale in terms of speed, memory and power requirements. While current network devices work at 10-100 Gbps and have thousands of patterns, traditional solutions suffer from exponential memory size or exponential time and induce prohibitive power consumption. Second, non clear-text traffic, such as compressed traffic, becomes a dominant portion of the Internet and is clearly harder to inspect.

In this research we design new algorithms and schemes that cope with today demand. This is evolving area both in the Academia and Industry, where currently there is no adequate solution.

We intend to use recent advances in hardware to cope with these demanding requirements. More specifically, we plan to use Ternary Content-Addressable Memories (TCAMs), which become standard commodity in contemporary network devices. TCAMs can compare a key against all rules in a memory in parallel and thus provide high throughput. We believ

Fields of science (EuroSciVoc)

CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: https://op.europa.eu/en/web/eu-vocabularies/euroscivoc.

You need to log in or register to use this function

Programme(s)

Multi-annual funding programmes that define the EU’s priorities for research and innovation.

Topic(s)

Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.

Call for proposal

Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.

ERC-2010-StG_20091028
See other projects for this call

Funding Scheme

Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.

ERC-SG - ERC Starting Grant

Host institution

REICHMAN UNIVERSITY
EU contribution
€ 840 400,40
Address
8 HAUNIVERSITA ST
4610101 Herzliya
Israel

See on map
Activity type
Higher or Secondary Education Establishments
Links
Total cost

The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.
No data

Beneficiaries (2)

Share this page Share this page on social networks

Download Download the content of the page

Last update: 1 August 2019

My Booklet

Permalink: https://cordis.europa.eu/project/id/259085

European Union, 2025

My booklet 0 0