Abstract
Nowadays, Deterministic Finite Automaton (DFA) has been widely used to compare packet contents at a constant speed against a set of regular expressions in network security inspections. However, combining multiple regular expressions into a single DFA may cause a serious state explosion, which makes them impractical on large-scale rule set. In order to address this issue, this paper proposed a matching method based on “guess and verification”. It first searches the sub-expressions of each rule with DFA, and then verifies the result with NFA once the previous guess is successful. This method takes advantage of the high processing efficiency of DFA and the compact representation of NFA. The result shows that this proposal can provide a high throughout with a moderate memory requirement.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
