Efficient Byte Stream Pattern Test using Bloom Filter with Rolling Hash Functions on the FPGA

The main purpose of this paper is to present an efficient FPGA implementation for the Bloom filter, in which a large set P of l-byte patterns are registered beforehand. Our Bloom filter circuit performs the byte stream pattern test such that it receives an input byte stream t and outputs the bit stream in every clock cycle. Each bit of the output bit stream is 1 if an l-byte sequence of t starting from the corresponding position is identical with one of the patterns in P. Such byte stream pattern test has a lot of applications. For example, it can be used for detecting malicious patterns in byte stream of network traffic. Our Bloom filter circuit fully utilizes 288K-bit Ultra RAMs and 18K-bit Block RAMs in the Xilinx UltraScale+ VU9P FPGA. We use Ultra RAMs to implement bit arrays to register all patterns in P and Block RAMs to compute signatures using rolling hash functions. Unlike the previously published FPGA implementations of the Bloom filter, which use XOR-based hash functions, our Bloom filter circuit using rolling hash functions can support much larger l. We have evaluated the performance of our Bloom filter circuit using Xilinx UltraScale+ FPGA VU9P, which is a popular high-end FPGA used in Amazon Web Service. The experimental results show that our Bloom filter circuit for 4800K (=4,915,200) patterns of length 1024 can perform the byte stream pattern test for 1.14Gbps input byte stream with false positive probability 10^-12. Also, we can configure our Bloom filter circuit to work for 100K (=102,400) patterns of length 1024 and 49.5Gpbs input byte stream with the same false positive probability.

[1]  Koji Nakano,et al.  An image retrieval system using FPGAs , 2003, ASP-DAC '03.

[2]  Koji Nakano,et al.  Instance-Specific Solutions to Accelerate the CKY Parsing , 2003, Engineering of Reconfigurable Systems and Algorithms.

[3]  Li Fan,et al.  Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[4]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[5]  Xin Zhou,et al.  An FPGA Implementation for a Flexible-Length-Arithmetic Processor Employing the FDFM Processor Core Approach , 2016, IEICE Trans. Inf. Syst..

[6]  Roger Woods,et al.  FPGA-based Implementation of Signal Processing Systems , 2017 .

[7]  Mahmood Ahmadi,et al.  Bloom filter applications in network security: A state-of-the-art survey , 2013, Comput. Networks.

[8]  Kiyoung Choi,et al.  An FPGA implementation of high-throughput key-value store using Bloom filter , 2014, Technical Papers of 2014 International Symposium on VLSI Design, Automation and Test.

[9]  Deian Stefan,et al.  FPGA-based SoC for real-time network intrusion detection using counting bloom filters , 2009, IEEE Southeastcon 2009.

[10]  Deepa Kundur,et al.  Bloom filter based intrusion detection for smart grid SCADA , 2012, 2012 25th IEEE Canadian Conference on Electrical and Computer Engineering (CCECE).

[11]  M. Arun,et al.  Design and Implementation of a String Matching System for Network Intrusion Detection using FPGA-based low power multiple-hashing Bloom Filters , 2009 .

[12]  Koji Nakano,et al.  Hardware n Choose k Counters with Applications to the Partial Exhaustive Search , 2005, IEICE Trans. Inf. Syst..

[13]  Andrei Broder,et al.  Network Applications of Bloom Filters: A Survey , 2004, Internet Math..

[14]  Takuji Nishimura,et al.  Mersenne twister: a 623-dimensionally equidistributed uniform pseudo-random number generator , 1998, TOMC.

[15]  Bo Song,et al.  The Parallel FDFM Processor Core Approach for CRT-based RSA Decryption , 2012, Int. J. Netw. Comput..

[16]  Eugene H. Spafford,et al.  OPUS: Preventing weak password choices , 1992, Comput. Secur..

[17]  Sireesha,et al.  An FPGA Implementation of Hashed Key-Value Store Using Bloom Filter , 2015 .

[18]  Koen De Bosschere,et al.  XOR-based hash functions , 2005, IEEE Transactions on Computers.

[19]  Monther Aldwairi,et al.  Bloom Filters Optimized Wu-Manber for Intrusion Detection , 2016, J. Digit. Forensics Secur. Law.

[20]  H. Jonathan Chao,et al.  Aggregated Bloom Filters for Intrusion Detection and Prevention Hardware , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[21]  Koji Nakano,et al.  Processor, Assembler, and Compiler Design Education Using an FPGA , 2008, 2008 14th IEEE International Conference on Parallel and Distributed Systems.

[22]  Stephan Wong,et al.  A Cache Architecture for Counting Bloom Filters , 2007, 2007 15th IEEE International Conference on Networks.