Internet and databases are becoming key strategic corporate and government resources that need to be protected against all kinds of cyber-crime. It is thus desirable to monitor Internet transmissions for their content and take appropriate actions when they violate corporate or government security. The present invention facilitates low cost, ultra fast packet payload analysis and database searches and provides dynamic protection on the use of specific elements of that database.
The most popular software-based internet packet analysis software is called SNORT. It includes over 2400 rules in its version 2.2, and is so slow that it cannot work effectively with the current high speed internet links. SNORT could provide some protection at the end user sites, but since end users are often careless about updating their antivirus (AV) software on a daily basis, the antivirus protection should be put into the servers and routers that operate under continuous maintenance. However, this requires that Internet packets must be processed at ultra high speeds of servers and routers. The present invention facilitates placing such ultra-fast packet payload analysis means in internet routers and servers.
The existing firewalls that check the source of messages by analyzing packet headers do not provide proper protection against many types of malware because transmissions coming from trusted websites can also be corrupted. To assure better protection, the internet packet payloads have to be also analyzed. Intrusion Detection Systems (IDS) scan packets payload for malware. In addition, there are also Intrusion Detection and Preventions Systems (IDPS) that perform both detection of malware and their removal. However, since these operations are typically performed in software, they are not suitable for acceptance at Network Aggregation Points (NAPS) and other servers, where they would be most effective. The present invention can be put into a single ASIC device to facilitate low cost, ultra fast packet payload analysis and elimination of malware at the servers and routers.
The complexity of today's technologies makes it almost impossible to monitor the flow of proprietary data out of corporations and government institutions. Now, the companies and government agencies can install inexpensive Internet payload monitoring devices, as per the present invention, which will warn and even stop the flow of confidential information out of corporations and government institutions. The present invention allows augmenting the existing firewalls with a device for controlling the flow of confidential data.
There is an explosion of abuses of intellectual property due to the ease of transmitting movies, songs, games, design software, and other copyrighted material between individuals. Ultra high speed and efficient monitoring of internet transmission for copyrighted material will slow the theft of intellectual property and stimulate creativity in many artistic, scientific and business fields. The present invention allows fast packet payload searches for strings of intellectual property.
We are becoming a society oriented towards databases that store a lot of personal data, such as health conditions, financial data, personal purchasing preferences, etc. Some of this information is crucial to individual's freedom and there have to be put strict rules on dissemination of information stored in national databases. One of the best ways to implement such restrictions on database access is using devices as per the present invention to monitor and control all downloads of such restricted information.
National security, tax evasion, and drug trafficking have become a major concern. Scamming for these criminal messages has to be conducted at multiple servers in the Internet network. The present invention allows linear, remotely controlled growth of the searched strings of data in many languages, including Kanjii, Farsi, and others.
It is therefore the object of the present invention to provide a method and apparatus for fast scanning of Internet data packets and databases for the desires strings of characters and graphic symbols.