Yaw-Chung Chen scite author profile

The large quantities of data now being transferred via high-speed networks have made deep packet inspection indispensable for security purposes. Scalable and low-cost signature-based network intrusion detection systems have been developed for deep packet inspection for various software platforms. Traditional approaches that only involve central processing units (CPUs) are now considered inadequate in terms of inspection speed. Graphic processing units (GPUs) have superior parallel processing power, but transmission bottlenecks can reduce optimal GPU efficiency. In this paper we describe our proposal for a hybrid CPU/GPU pattern-matching algorithm (HPMA) that divides and distributes the packet-inspecting workload between a CPU and GPU. All packets are initially inspected by the CPU and filtered using a simple pre-filtering algorithm, and packets that might contain malicious content are sent to the GPU for further inspection. Test results indicate that in terms of random payload traffic, the matching speed of our proposed algorithm was 3.4 times and 2.7 times faster than those of the AC-CPU and AC-GPU algorithms, respectively. Further, HPMA achieved higher energy efficiency than the other tested algorithms.

show abstract

Cryptanalysis and enhancement of two-pass authenticated key agreement with key confirmation protocols

Mohammad¹,

Chen

Hsu

et al. 2010

IETE Tech Rev

View full text Add to dashboard Cite

In NRSC24, Elkamchouchi et al. proposed a new approach for key controlled agreement to provide key control in the Pour public key distribution system. In NRSC25, they further proposed an efficient and confirmed protocol for authenticated key agreement to provide forward secrecy in their previously proposed protocol. This paper, however, will show that Pour's protocol and Elkamchouchi et al.'s two protocols cannot withstand key compromise impersonation resilience, and man-in-the-middle attacks, and do not have perfect forward secrecy resilience. To eliminate the pointed out security leaks, we further propose a new two-pass authenticated key agreement with a key confirmation protocol. The proposed protocol has the following properties: (i) it is proved to be secure against above attacks and stronger adversary attacks, and provides the desirable security properties as a three-pass authenticated key agreement protocol. (ii) It can provide entity authentication and assurance for key reception in an indirect way. (iii) It can withstand denial of service attacks. In addition, we also propose a derivation one-pass protocol from the proposed twopass protocol to fit a one-way communication channel, which is suitable for mobile stations and electronic business transactions. The security and the computational complexities of the proposed two protocols outperform those of previously proposed protocols.

show abstract

A cross-layer approach for real-time multimedia streaming on wireless peer-to-peer ad hoc network

Kuo¹,

Shih²,

Ho³

et al. 2013

Ad Hoc Networks

View full text Add to dashboard Cite

An Efficient Conflict Detection Algorithm for Packet Filters

Lee

Lin

Chen

2012

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYPacket classification is essential for supporting advanced network services such as firewalls, quality-of-service (QoS), virtual private networks (VPN), and policy-based routing. The rules that routers use to classify packets are called packet filters. If two or more filters overlap, a conflict occurs and leads to ambiguity in packet classification. This study proposes an algorithm that can efficiently detect and resolve filter conflicts using tuple based search. The time complexity of the proposed algorithm is O(nW + s), and the space complexity is O(nW), where n is the number of filters, W is the number of bits in a header field, and s is the number of conflicts. This study uses the synthetic filter databases generated by ClassBench to evaluate the proposed algorithm. Simulation results show that the proposed algorithm can achieve better performance than existing conflict detection algorithms both in time and space, particularly for databases with large numbers of conflicts.

show abstract

RPL Enhancement for a Parent Selection Mechanism and an Efficient Objective Function

Singh

Chen

2019

IEEE Sensors J.

View full text Add to dashboard Cite

Length-Bounded Hybrid CPU/GPU Pattern Matching Algorithm for Deep Packet Inspection

2017

View full text Add to dashboard Cite

Abstract:Since frequent communication between applications takes place in high speed networks, deep packet inspection (DPI) plays an important role in the network application awareness. The signature-based network intrusion detection system (NIDS) contains a DPI technique that examines the incoming packet payloads by employing a pattern matching algorithm that dominates the overall inspection performance. Existing studies focused on implementing efficient pattern matching algorithms by parallel programming on software platforms because of the advantages of lower cost and higher scalability. Either the central processing unit (CPU) or the graphic processing unit (GPU) were involved. Our studies focused on designing a pattern matching algorithm based on the cooperation between both CPU and GPU. In this paper, we present an enhanced design for our previous work, a length-bounded hybrid CPU/GPU pattern matching algorithm (LHPMA). In the preliminary experiment, the performance and comparison with the previous work are displayed, and the experimental results show that the LHPMA can achieve not only effective CPU/GPU cooperation but also higher throughput than the previous method.

show abstract

Sensing coverage hole identification and coverage hole healing methods for wireless sensor networks

Singh

Chen

2019

Wireless Netw

View full text Add to dashboard Cite

Resource Efficient Opportunistic Multicast Scheduling for IPTV over Mobile WiMAX

Huang

et al. 2010

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Yaw-Chung Chen

A Hybrid CPU/GPU Pattern-Matching Algorithm for Deep Packet Inspection

Cryptanalysis and enhancement of two-pass authenticated key agreement with key confirmation protocols

A cross-layer approach for real-time multimedia streaming on wireless peer-to-peer ad hoc network

An Efficient Conflict Detection Algorithm for Packet Filters

RPL Enhancement for a Parent Selection Mechanism and an Efficient Objective Function

Length-Bounded Hybrid CPU/GPU Pattern Matching Algorithm for Deep Packet Inspection

Sensing coverage hole identification and coverage hole healing methods for wireless sensor networks

Resource Efficient Opportunistic Multicast Scheduling for IPTV over Mobile WiMAX

Contact Info

Product

Resources

About