REASSEMBLY-FREE DEEP PACKET INSPECTION ON MULTI-CORE HARDWARE

摘要

Some embodiments of reassembly-free deep packet inspection (DPD on multicore hardware have been presented. In one embodiment, a set of packets of one or more files is received at a networked device from one or more connections. Each packet is scanned using one of a set of processing cores in the networked device without buffering the one or more files in the networked device. Furthermore, the set of processing cores may scan the packets substantially concurrently.

主权项

1. A re-assembly free method of deep packet inspection, the method comprising:
receiving a plurality of packets of one or more files from a first connection; determining whether a packet is delivered in-order, wherein the packet is one of an order of packets in the plurality of packets; storing the packet when it has been determined that the packet has not been received in-order in an out-of-order buffer; processing the packet in a first processing core when it has been determined that the packet was delivered in-order; processing a packet from the out-of-order buffer in the first processing core when the out-of-order buffer contains a next packet in the order of packets, wherein the in-order packet and the next packet are processed by deep packet inspection scanning according to the order of packets without re-assembling the plurality of packets into the one or more files; storing a current state of pattern matching in a database without buffering the one or more files, wherein the current state of pattern matching corresponds to packets received from the first connection; and updating the current state of pattern matching based on a plurality of deep packet inspection scanning results.