High Performance Networks - Compilation and Optimization of Protocol Analyzers

Award Information
Agency: Department of Energy
Branch: N/A
Contract: DE-FG02-08ER85046
Agency Tracking Number: N/A
Amount: $99,996.00
Phase: Phase I
Program: SBIR
Awards Year: 2008
Solitcitation Year: 2008
Solitcitation Topic Code: 41 b
Solitcitation Number: DE-PS02-07ER07-36
Small Business Information
Reservoir Labs, Inc.
632 Broadway, Suite 803, New York, NY, 10012
Duns: 022423854
Hubzone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Steven Reinhardt
 Dr.
 (212) 780-0527
 stever@reservoir.com
Business Contact
 Steven Reinhardt
Title: Dr.
Phone: (212) 780-0527
Email: stever@reservoir.com
Research Institution
N/A
Abstract
Network-based intrusion detection and prevention (IDP) systems provide effective site-wide security at institutions such as DOE national laboratories by detecting and eliminating malicious network traffic before it reaches vulnerable host systems. To identify malware reliably without triggering false positives, IDP systems must be ¿protocol aware,¿ properly identifying and interpreting the many network protocols in use. However, the protocol analysis modules needed for this task typically are not amenable to high-speed network processing, making protocol-aware IDP systems unable to keep pace with available high-bandwidth network technologies such as 10 Gbps Ethernet. This project aims to enable dramatically higher performance for protocol-aware IDP systems while simplifying the development of needed protocol analysis code. The approach involves the development of a domain-specific language for expressing protocols and a compiler to map this language to high-speed network processing platforms. The initial focus will be on multicore network processors with hardware-accelerated pattern matching. Commercial Applications and other Benefits as described by the awardee: Network-based IDP systems are widely deployed across commercial, governmental, and educational sites, as well as at DOE facilities. Thus, this technology should be applicable for any organization that seeks to maintain a secure internal network using IDP systems. Increasing network security will benefit the public in many ways, including reduced business and government costs for recovering from network intrusions and higher security for private data held by these institutions.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government