Abstract

Nowadays, Deterministic Finite Automaton (DFA) has been widely used to compare packet contents at a constant speed against a set of regular expressions in network security inspections. However, combining multiple regular expressions into a single DFA may cause a serious state explosion, which makes them impractical on large-scale rule set. In order to address this issue, this paper proposed a matching method based on “guess and verification”. It first searches the sub-expressions of each rule with DFA, and then verifies the result with NFA once the previous guess is successful. This method takes advantage of the high processing efficiency of DFA and the compact representation of NFA. The result shows that this proposal can provide a high throughout with a moderate memory requirement.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Space-time tradeoff in regular expression matching with semi-deterministic finite automata
Yi-Hua E Yang ... Viktor K Prasanna
-
Yi-Hua E Yang, et. al.Yi-Hua E Yang ... Viktor K Prasanna
01 Apr 2011
Intelligent grouping algorithms for regular expressions in deep inspection
Zhe Fu ... Liangwei Cai
-
Zhe Fu, et. al.Zhe Fu ... Liangwei Cai
01 Aug 2014
Accelerating DFA Construction by Hierarchical Merging
Yanbing Liu ... Li Guo
-
Yanbing Liu, et. al.Yanbing Liu ... Li Guo
01 May 2011
Fast Regular Expression Matching Using Small TCAM
Chad R Meiners ... Alex X Liu
IEEE/ACM Transactions on Networking | VOL. 22
Chad R Meiners, et. al.Chad R Meiners ... Alex X Liu
01 Feb 2014
View more papers

More From: International Journal of Advancements in Computing Technology

Paper Title
Journal
Date
Author
Face recognition using adjacent pixel intensity difference quantization histogram combined with markov stationary features
...
International Journal of Advancements in Computing Technology | VOL. 4
, et. al. ...
30 Jul 2015
Quest 3D-based Simulator for Implementing Mechanical Joint Device in Excavator
Wansik Jun ... Jaekwang Lee
International Journal of Advancements in Computing Technology | VOL. 5
Wansik Jun , et. al.Wansik Jun ... Jaekwang Lee
31 Jul 2013
A Method of Pseudo-Live Streaming for an IP Camera System with HTML5 Protocol
Paul Vincent S Contreras ... Jong Hun Kim
International Journal of Advancements in Computing Technology | VOL. 5
Paul Vincent S Contreras , et. al.Paul Vincent S Contreras ... Jong Hun Kim
31 Jul 2013
The Design and Implementation of Cell Image Analysis System
Hoyoung Kwak ... Jisoon Huh
International Journal of Advancements in Computing Technology | VOL. 5
Hoyoung Kwak , et. al.Hoyoung Kwak ... Jisoon Huh
31 Jul 2013
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.