A pressing problem facing modern computer system design is how to ensure that computers connected to the network are safe from attack. The research will investigate computer architectures that enable a new generation of network security devices capable of detecting suspicious network behavior and known attacks. Several different security applications are characterized by requiring the frequent access and maintenance of large amounts of state, such as large lookup tables, on every byte or packet, with worst-case bounds on throughput. Our architecture will take advantage of many small, wide word, on-chip memories to rapidly traverse large graph structures that are not well supported on current existing or proposed machines. This approach results in significant reduction in memory usage and increase in throughput. Such architecture could result in a new generation of devices capable of significantly reducing the damages caused by viruses, worms, and malicious attacks. The development of a functional prototype will enable both researchers and students to study the internal dynamics a network under attack, and the architectural challenges it presents.
