Signature Detection is the underlying technology behind Intrusion Detection, Intrusion Prevention (IDS/IPS), and Application Recognition systems. Signatures are patterns that, when matched, indicate the system should apply designated security or QoS policies. There are two primary classes of security signatures:
Behavioral signatures are anomalies against actions normally taken by a system. In networking systems, the signature may be a sudden onset of high-volume traffic from a Human Resources server to an external IP address. Behavioral signature methods require significant CPU performance, because maintaining a baseline of "normal" traffic and discerning malicious intent from changes to that baseline requires multiple algorithms, which may be tweaked on a regular basis. As a result, hardware accelerators and ASICs have limited utility beyond off-loading initial flow classification.
Data signatures are reducible to binary strings which can be located by scanning the data, either in software or with specialized hardware accelerators. The major complexity in detecting binary strings is dealing with strings that are deliberately spread over multiple network datagrams, contain multiple character options (capitalization), or otherwise include wildcards. The language for defining data signatures is known as Regular Expressions, and accelerators which scan data for signatures based on regular expression rules are often referred to as RegEx Engines.
Many of our QorIQ communications processors integrate a RegEx engine called the Pattern Matching Engine (PME).
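The following added example (not NXP code, and not a description of how the PME works internally) shows in software why a signature spread over several datagrams defeats a scanner that treats each datagram on its own, and how carrying match state across the flow finds it. The signature, the sample flow and all function names are constructed for illustration; the matcher uses the standard Knuth-Morris-Pratt algorithm with case folding.

```python
import re

class StreamMatcher:
    """Case-insensitive KMP matcher that keeps its state between datagrams."""
    def __init__(self, signature: bytes):
        if not signature:
            raise ValueError("signature must not be empty")
        self.sig = signature.lower()
        # KMP failure table: longest proper prefix that is also a suffix.
        self.fail = [0] * len(self.sig)
        k = 0
        for i in range(1, len(self.sig)):
            while k and self.sig[i] != self.sig[k]:
                k = self.fail[k - 1]
            if self.sig[i] == self.sig[k]:
                k += 1
            self.fail[i] = k
        self.state = 0   # signature bytes matched so far (survives feed() calls)
        self.offset = 0  # bytes of the flow consumed so far

    def feed(self, datagram: bytes) -> list[int]:
        """Scan one datagram; return flow offsets at which a match ends."""
        hits = []
        for b in datagram.lower():  # fold capitalization options
            while self.state and b != self.sig[self.state]:
                self.state = self.fail[self.state - 1]
            if b == self.sig[self.state]:
                self.state += 1
            self.offset += 1
            if self.state == len(self.sig):
                hits.append(self.offset)
                self.state = self.fail[self.state - 1]
        return hits

def scan_per_datagram(signature: bytes, datagrams: list[bytes]) -> list[int]:
    """Stateless scan: indexes of datagrams that contain the whole signature."""
    pat = re.compile(re.escape(signature), re.IGNORECASE)
    return [i for i, d in enumerate(datagrams) if pat.search(d)]

def scan_stream(signature: bytes, datagrams: list[bytes]) -> list[tuple[int, int]]:
    """Stateful scan: (datagram index, flow offset) for every match end."""
    m = StreamMatcher(signature)
    return [(i, end) for i, d in enumerate(datagrams) for end in m.feed(d)]

# Constructed sample: one signature, mixed case, split over three datagrams.
SIGNATURE = b"bad-token"
FLOW = [b"GET /x?q=Ba", b"D-To", b"KEN HTTP/1.1\r\n"]

if __name__ == "__main__":
    print("per-datagram:", scan_per_datagram(SIGNATURE, FLOW))
    print("stream:      ", scan_stream(SIGNATURE, FLOW))
```

A real deployment keeps one matcher state per flow and feeds it datagrams in reassembled order; this sketch assumes the datagrams already arrive in order.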
Advantages of the NXP PME include:
The PME also provides a Stateful Rule Engine (SRE) that allows the user to describe stateful relationships between patterns. This stateful rule capability adds significant capabilities beyond simple pattern matching.
Some of the applications whose performance can be accelerated by leveraging the pattern matching engine include:
Performance of a deep packet inspection software stack was accelerated two-fold by using the pattern matching engine on the P2041.