Deep Packet Inspection Lab

 

L-7 Protocol-Aware Contents Extraction Engine

Cyber security applications such as intrusion detection systems (IDS), Lawful Interception (LI) systems and similar tools require protocol-specific analyzers to extract the context of any traffic stream on the network. All of these systems rely on computationally expensive pattern matching over packets on high-speed network backbones to find anomalous behavior in packet streams, extract L-7 protocol-specific information and data fields, and pass the extracted information to the respective applications for their threat identification tasks.

This requires the development of a comprehensive L-7 protocol context-aware contents extraction engine that can process data at multi-10Gbps data rates by performing real-time pattern matching against millions of protocol-specific patterns and threat signatures, and extract L-7 protocol-specific fields and protocol payloads for delivery to cyber security applications.

The proposed L-7 protocol context-aware contents extraction engine is a high-speed data processing platform based on DPI Core that performs packet data aggregation for millions of packet streams simultaneously, along with L-7 protocol-specific semantic parsing and field extraction. Stream reassembly is a core component of the L-7 protocol-specific contents delivery core; it must handle a large number of streams of variable size and reassemble their data in real time. After data reassembly, the L-7 Protocol Semantic Analysis component performs extensive regular-expression-based pattern matching to parse the reassembled data for multiple L-7 protocols, reverse engineer L-7 protocols, and extract the respective protocol fields along with their contents. There is a large set of layer-7 applications, including voice, video and data applications, whose protocol analyzers need to be developed for semantic analysis and embedded in this engine.
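The sketch below is an added example, not the lab's engine code. It shows why stream reassembly has to precede regular-expression field extraction: a header split across two segments is invisible to per-packet matching but is recovered from the reassembled stream. HTTP is assumed as the L-7 protocol, and every name, the flow key and the sample segments are constructed for illustration.

```python
import re

# Constructed illustration: names, flow key and segments are hypothetical.
HTTP_REQ = re.compile(rb"(GET|POST|HEAD|PUT|DELETE) (\S+) HTTP/(\d\.\d)\r\n")
HTTP_HDR = re.compile(rb"^([A-Za-z0-9-]+):[ \t]*(.*?)\r\n", re.M)

class StreamReassembler:  # per-flow reassembly; sequence wraparound not handled
    def __init__(self):
        self.flows = {}  # flow 4-tuple -> reassembly state

    def open(self, key, first_seq):
        self.flows[key] = {"next": first_seq, "data": bytearray(), "pending": {}}

    def add(self, key, seq, payload):
        f = self.flows[key]
        f["pending"][seq] = payload
        while True:  # drain every buffered segment that has become contiguous
            for s, p in list(f["pending"].items()):
                if s + len(p) <= f["next"]:   # pure retransmission: drop
                    del f["pending"][s]
                elif s <= f["next"]:          # in order or overlapping: keep new bytes
                    f["data"] += p[f["next"] - s:]
                    f["next"] = s + len(p)
                    del f["pending"][s]
                    break
            else:
                return bytes(f["data"])

def extract_http_fields(stream):
    """Return request-line and header fields once the header block is complete."""
    m = HTTP_REQ.match(stream)
    head, sep, _ = stream.partition(b"\r\n\r\n")
    if not m or not sep:
        return None
    fields = dict(zip(("method", "uri", "version"), (g.decode("latin-1") for g in m.groups())))
    for name, value in HTTP_HDR.findall(head + b"\r\n"):
        fields[name.decode("latin-1").lower()] = value.decode("latin-1")
    return fields

def per_segment_headers(segments):
    """Header names found when each segment is matched on its own (no reassembly)."""
    return {n.decode().lower() for seg in segments for n, _ in HTTP_HDR.findall(seg)}

REQ = b"GET /login?user=alice HTTP/1.1\r\nHost: example.test\r\nUser-Agent: demo/1.0\r\n\r\n"
SEGS = [(1000, REQ[:34]), (1034, REQ[34:50]), (1050, REQ[50:])]  # "Host" split as "Ho" | "st"

def run_demo():
    r, key = StreamReassembler(), ("10.0.0.5", 40000, "10.0.0.9", 80)
    r.open(key, 1000)
    for i in (2, 0, 0, 1):  # out-of-order delivery with one retransmission
        fields = extract_http_fields(r.add(key, *SEGS[i]))
    return per_segment_headers(p for _, p in SEGS), fields
```

`run_demo()` returns the header names seen by per-segment matching (the split `Host` header is missing) alongside the full field set extracted after reassembly.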