Jan van Lunteren scite author profile

Jan van Lunteren

5Publications

328Citation Statements Received

93Citation Statements Given

How they've been cited

488

326

How they cite others

Affiliations

IBM Research - Zurich, Case Western Reserve University, University School

Publications

Order By: Most citations

High-Performance Pattern-Matching for Intrusion Detection

Lunteren

2006

143

View full text Add to dashboard Cite

New generations of network intrusion detection systems create the need for advanced pattern-matching engines. This paper presents a novel scheme for pattern-matching, called BFPM, that exploits a hardware-based programmable statemachine technology to achieve deterministic processing rates that are independent of input and pattern characteristics on the order of 10 Gb/s for FPGA and at least 20 Gb/s for ASIC implementations. BFPM supports dynamic updates and is one of the most storage-efficient schemes in the industry, supporting two thousand patterns extracted from Snort with a total of 32 K characters in only 128 KB of memory. I. INTRODUCTIONA clear trend that can be observed in the Internet is the increasing amount of packet data that is being inspected before a packet is delivered to its destination. In the early days, packets were solely routed based on their destination address. Later, firewall and quality-of-service (QoS) applications emerged that examined multiple fields in the packet header, for example, the popular 5-tuple consisting of addresses, port numbers and protocol byte [1]. More recently, network intrusion detection systems (NIDS), virus scanners, spam filters and other "content-aware" applications go one step further by also performing scans on the packet payload. Although the latter type of applications tend to reside closer to the end user, thus involving link speeds that are only a fraction of the speeds in the backbone, the ongoing performance improvements throughout the Internet make it very challenging to perform the required packet processing at full wirespeed.Popular signature-based NIDSs, such as Snort [2], identify intrusions by testing packets against collections of rules that specify conditions for the packet header and payload. The header conditions are usually similar to those used in firewall rules, and can therefore be evaluated using the same type of algorithms [3]. The payload conditions typically involve strings and regular expressions that have to be matched against the entire payload or sections of it [4]. Although a substantial amount of work has been performed in the area of pattern-matching in the past thirty years, most of the existing algorithms are not suitable for new generations of NIDSs that require simultaneous matching of hundreds or thousands of patterns at processing rates of multiple gigabits per second.The key contribution of this paper consists of a novel approach for pattern-matching that is able to meet the requirements of state-of-the-art and future NIDSs and other content-inspecting applications. This approach is based on

show abstract

Fast and scalable packet classification

Lunteren

Engbersen

2003

IEEE J. Select. Areas Commun.

153

View full text Add to dashboard Cite

Emerging Internet applications create the need for advanced packet classifiers. We propose a novel multifield classification scheme, called P 2 C, which exploits the strengths of state-of-the-art memory technologies to provide wire-speed classification performance for OC-192 and beyond, in combination with very high storage efficiency and the support of fast incremental updates. Key features of the new scheme are its ability to adapt to the complexity of a classification rule set, whereas the storage requirements and update dynamics can be tuned at the granularity of individual rules. This makes P 2 C suitable for a broad spectrum of applications.

show abstract

Memrisor Based Computation-in-Memory Architecture for Data-Intensive Applications

Hamdioui¹,

Xie²,

Anh³

et al. 2015

View full text Add to dashboard Cite

Searching very large routing tables in wide embedded memory

Lunteren

View full text Add to dashboard Cite

Disordered Toll-like receptor 2 responses in the pathogenesis of pulmonary sarcoidosis

Gabrilovich

Walrath

Lunteren

et al. 2013

View full text Add to dashboard Cite

SummaryIn this study, we hypothesized that the granulomatous disorder sarcoidosis is not caused by a single pathogen, but rather results from abnormal responses of Toll-like receptors (TLRs) to conserved bacterial elements. Unsorted bronchoalveolar lavage (BAL) cells from patients with suspected pulmonary sarcoidosis and healthy non-smoking control subjects were stimulated with representative ligands of TLR-2 (in both TLR-2/1 and TLR-2/6 heterodimers) and TLR-4. Responses were determined by assessing resulting production of tumour necrosis factor (TNF)-α and interleukin (IL)-6. BAL cells from patients in whom sarcoidosis was confirmed displayed increased cytokine responses to the TLR-2/1 ligand 19-kDa lipoprotein of Mycobacterium tuberculosis (LpqH) and decreased responses to the TLR-2/6 agonist fibroblast stimulating ligand-1 (FSL)-1. Subsequently, we evaluated the impact of TLR-2 gene deletion in a recently described murine model of T helper type 1 (Th1)-associated lung disease induced by heat-killed Propionibacterium acnes. As quantified by blinded scoring of lung pathology, P. acnes-induced granulomatous pulmonary inflammation was markedly attenuated in TLR-2 -/-mice compared to wild-type C57BL/6 animals. The findings support a potential role for disordered TLR-2 responses in the pathogenesis of pulmonary sarcoidosis.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jan van Lunteren

High-Performance Pattern-Matching for Intrusion Detection

Fast and scalable packet classification

Memrisor Based Computation-in-Memory Architecture for Data-Intensive Applications

Searching very large routing tables in wide embedded memory

Disordered Toll-like receptor 2 responses in the pathogenesis of pulmonary sarcoidosis

Contact Info

Product

Resources

About