Yissum - Research Development Company of the Hebrew University

Improved Compressed Data Security Scanning

Posted by Yissum - Research Development Company of the Hebrew UniversityResponsive · Innovative Products and Technologies · Israel

Summary of the technology

SDCH Paper
Project ID : 10-2012-2759

Yissum - Research Development Company of the Hebrew University

Description of the technology

Fast Online Deep Packet Inspection (DPI)

Categories

Computer Science & Engineering, Web Technologies, Internet Security

Development Stage

Proof of concept – algorithm complete; Seeking industrial cooperation to implement the system

Highlights

  • Network security requires the inspection of data packets for protocol non-compliance, viruses, spam, intrusions, or other predefined security-linked criteria.
  • Usually carried out by a network device performing Deep Packet Inspection (DPI) of a packet.
  • DPI consists of inspecting both the packet header and payload and alerting when signatures of malicious software, identified through pattern matching algorithms, appear in the traffic.
  • In order to save bandwidth and to speed up web browsing, most major sites use traffic compression which poses a challenge for performing DPI.

Our Innovation

Novel pattern matching algorithm that inspects Shared Dictionary Compression over HTTP (SDCH)-compressed traffic without need for decompression

Key Features

  • Algorithm operates in two phases, the offline phase and the online phase.
  • The offline phase starts when the device gets the dictionary.
  • The offline phase consists of inspection of the shared dictionary common to all SDCH-compressed traffic.
  • In the offline phase, auxiliary information is marked to speed up the online DPI inspection.
  • Upon receiving the delta file, which is unique to each compressed file, it is scanned online.
  • System skips up to 99% of the referenced data and gains up to 56% improvement in the performance of the multi-patterns matching algorithm, as compared with scanning the plain text directly, that is, it works almost at the rate of the compressed traffic, implying a speed gain of SDCH’s compression ratio.
  • Low memory footprint so algorithm can be easily deployed in current environments.

Development Milestones

  • Seeking industrial cooperation to implement the system

The Opportunity

  • Algorithm can run within a security tool that performs DPI, deployed with a pattern matching algorithm.
  • Can run in a single user environment, such as PC, tablet, or cellular phone

Project manager

Aviv Shoher
SVP BUSINESS DEVELOPMENT

Project researchers

David Hay
HUJI, School of Computer Science and Engineering
Computer Science

Related keywords

  • Information Processing, Information System, Workflow Management
  • IT and Telematics Applications
  • Multimedia
  • Computers
  • Computer Graphics Related
  • Specialised Turnkey Systems
  • Scanning Related
  • Peripherals
  • Computer Services
  • Computer Software Market
  • Other Computer Related
  • Computer Science & Engineering
  • Cyber

About Yissum - Research Development Company of the Hebrew University

Technology Transfer Office from Israel

Yissum Research Development Company of the Hebrew University of Jerusalem Ltd. Founded in 1964 to protect and commercialize the Hebrew University’s intellectual property. Ranked among the top technology transfer companies, Yissum has registered over 8,900 patents covering 2,500 inventions; has licensed out 800 technologies and has spun-off 90 companies. Products that are based on Hebrew University technologies and were commercialized by Yissum generate today over $2 Billion in annual sales.

Send your request

By clicking "Send your request" you are signing up and accepting our Terms of Service and Privacy policy

Technology Offers on Innoget are directly posted and managed by its members as well as evaluation of requests for information. Innoget is the trusted open innovation and science network aimed at directly connect industry needs with professionals online.