Designing a Sub-RISC Multi-Gigabit Regular Expression Processor
Andrew Christopher Mihal and Christian Sauer and Kurt Keutzer
EECS Department, University of California, Berkeley
Technical Report No. UCB/EECS-2006-119
September 26, 2006
http://www2.eecs.berkeley.edu/Pubs/TechRpts/2006/EECS-2006-119.pdf
Increasingly, embedded system designers must exploit application-specific concurrency in order to obtain high performance. Often an application will exhibit several different styles and granularities of concurrency. An average embedded RISC processor is a poor platform when concurrency is a first-class concern. The Sub-RISC paradigm, on the other hand, allows designers to create programmable architectures with application-specific process-, data-, and datatype-level concurrency. This paper describes a Sub-RISC processor that accelerates regular expression matching for network intrusion detection. This processor is lightweight and can be tiled to search multiple packet streams in parallel. Unlike typical application-specific processors, designers are not burdened with assembly language programming. Instead, the language of regular expressions is used as a high-level programming abstraction. Results are shown for ASIC and FPGA implementations using regexp rules from the Snort database.
BibTeX citation:
@techreport{Mihal:EECS-2006-119,
Author= {Mihal, Andrew Christopher and Sauer, Christian and Keutzer, Kurt},
Title= {Designing a Sub-RISC Multi-Gigabit Regular Expression Processor},
Year= {2006},
Month= {Sep},
Url= {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2006/EECS-2006-119.html},
Number= {UCB/EECS-2006-119},
Abstract= {Increasingly, embedded system designers must exploit application-specific concurrency in order to obtain high performance. Often an application will exhibit several different styles and granularities of concurrency. An average embedded RISC processor is a poor platform when concurrency is a first-class concern. The Sub-RISC paradigm, on the other hand, allows designers to create programmable architectures with application-specific process-, data-, and datatype-level concurrency. This paper describes a Sub-RISC processor that accelerates regular expression matching for network intrusion detection. This processor is lightweight and can be tiled to search multiple packet streams in parallel. Unlike typical application-specific processors, designers are not burdened with assembly language programming. Instead, the language of regular expressions is used as a high-level programming abstraction. Results are shown for ASIC and FPGA implementations using regexp rules from the Snort database.},
}
EndNote citation:
%0 Report %A Mihal, Andrew Christopher %A Sauer, Christian %A Keutzer, Kurt %T Designing a Sub-RISC Multi-Gigabit Regular Expression Processor %I EECS Department, University of California, Berkeley %D 2006 %8 September 26 %@ UCB/EECS-2006-119 %U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2006/EECS-2006-119.html %F Mihal:EECS-2006-119