Abstract
Traffic Identification is a key function performed by Internet Service Providers' (ISP) administrators to evaluate and improve network services. However, traffic identification needs to be done in real-time and at wire speed to be useful for network tuning. Deep Packet Inspection (DPI) is widely used for identifying normal applications and attacks in the network by looking for well-known patterns within the packets. Such patterns are mostly expressed by Regular Expressions (RE), which are then evaluated by abstract machines known as Deterministic Finite Automata (DFA). Some previous studies grouped DFAs together to evaluate multiple patterns on a single DFA match's run. Efficient grouping algorithms would combine several DFAs without exceeding the available machine's memory. This work proposes and evaluates a new method to combine several DFAs into a single one. Additionally we compared this algorithm to state-of-the-art approaches using a compressed DFA model. Experimental results show that our algorithm generates less groups and transitions than existent algorithms.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
