This letter presents an energy- and memory-efficient pattern-matching engine for a network intrusion detection system (NIDS) in the Internet of Things. Tightly coupled architecture and circuit co-designs are proposed to fully exploit the statistical behaviors of NIDS pattern matching. The proposed engine performs pattern matching in three phases, where the phase-1 prefix matching employs reconfigurable pipelined automata processing to minimize memory footprint without loss of throughput and efficiency. The processing elements utilize 8-T content-addressable memory (CAM) cells for dual-port search by leveraging proposed fixed-1s encoding. A 65-nm prototype demonstrates best-in-class 1.54-fJ energy per search per pattern byte and 0.9-byte memory usage per pattern byte.
翻译:本信为物联网网络入侵探测系统提供了一个能量和记忆高效模式匹配引擎; 提议进行紧密结合的建筑和电路联合设计,以充分利用国家数据系统模式匹配的统计行为; 拟议的引擎将模式匹配分为三个阶段, 第1阶段前缀匹配采用可重新配置管道的自动数据处理,以尽量减少存储足迹,同时又不损失输送量和效率; 处理元件使用8-T内容可处理存储单元格进行双关搜索,方法是利用拟议的固定-1编码。 一个65纳米的原型显示每个模式每类1.54-fJ的最佳能量,每个模式0.9字节的存储用量。
相关内容
微信扫码咨询专知VIP会员