Intrusion Detection and Prevention System
Case ID:
TEC2014-0106
Web Published:
5/26/2016

Executive Summary
Deep packet inspection (DPI) filters computer network packets and examines the data in a packet, performing searches for viruses, spam, or other intrusions. DPI can be implemented on routers, network intrusion detection systems, firewalls and switches but detecting multiple patterns in parallel requires a significant amount of memory and tends to be a slow process. We present a more efficient method for conducting regular expression matching in networks for improved network security.
Description of Technology
This technology is a novel method for deep packet inspection of networks for intrusion detection, traffic monitoring and protocol identification. The algorithm accomplishes regular expression matching using ternary content addressable memories (TCAMs). By grouping similar sets of regular expressions into one state, less memory is required and regular expression matching can be conducted faster than previous methods.
Key Benefits
- High Throughput: this algorithm performed regular expression faster than all other algorithms it was tested against
- Less Memory Required: uses order of magnitude less TCAM than previous technology
- Uses existing versions of TCAM chip
Applications
- Routers
- Firewalls
- Intrusion Detection/Prevention Devices
Patent Status:
Patent application published, no. 20150310342
Licensing Rights Available
Full licensing rights available
Inventors: Alex Liu, Eric Torng
Tech ID: TEC2014-0106
Patent Information:
App Type |
Country |
Serial No. |
Patent No. |
File Date |
Issued Date |
Expire Date |
For Information, Contact:
Raymond Devito
Technology Manager
Michigan State University
devitora@msu.edu